daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #406 from un-fmunozs/top15xss 

Update top-15-xss.yaml
patch-1
bauthard 2020-09-04 17:05:22 +05:30 committed by GitHub
parent 9ef6f7f029 a3f5b133a0
commit 0708e1a6bd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
generic-detections/top-15-xss.yaml
View File

@ -15,9 +15,14 @@ info:
requests:
- method: GET
path:
- "{{BaseURL}}/?q%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526s%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526search%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526id%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526action%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526keyword%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526query%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526page%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526keywords%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526url%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526view%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526cat%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526name%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526key%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E%2526p%3D%27%3E%22%3Csvg%2Fonload%3Dconfirm%28%27testing-xss%27%29%3E"
- "{{BaseURL}}/?q=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&s=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&search=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&id=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&action=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&keyword=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&query=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&page=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&keywords=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&url=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&view=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&cat=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&name=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&key=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E&p=%27%3E%22%3Csvg%2Fonload=confirm%28%27testing-xss%27%29%3E"
matchers-condition: and
matchers:
- type: word
words:
- "<svg/onload=confirm('testing-xss')>"
part: body
part: body
- type: word
words:
- "text/html"
part: header