daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

update CVE-2021-27519.yaml

patch-1
Mohsen khashei 2022-06-01 15:00:27 +04:30
parent 605967c2cb
commit 0d627a8b91
1 changed files with 15 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
cves/2021/CVE-2021-27519.yaml
View File

@ -1,12 +1,23 @@
id: CVE-2021-27519
info:
author: kh4sh3i
description: A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript
name: FUDForum 3.1.0 - Reflected XSS
author: kh4sh3i
severity: medium
description: |
A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript
tags: xss,fudforum,cve2021
reference: https://www.exploit-db.com/exploits/49942
reference:
- https://www.exploit-db.com/exploits/49942
- https://nvd.nist.gov/vuln/detail/CVE-2021-27519
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2021-27519
cwe-id: CWE-79
metadata:
shodan-query: 'http.html:"Powered by: FUDforum"'
verified: true
requests:
- method: GET
@ -18,8 +29,7 @@ requests:
- type: word
part: body
words:
- 'x onmouseover=alert(1) x='
- x" onmouseover=alert(1) x=
- type: word
part: header
words: