From 1a8f69a8c2ec5cbdd600cdc39f311917b1f84e96 Mon Sep 17 00:00:00 2001
From: MostInterestingBotInTheWorld
 <98333686+MostInterestingBotInTheWorld@users.noreply.github.com>
Date: Wed, 8 Mar 2023 14:22:04 -0500
Subject: [PATCH] Enhancement:
 misconfiguration/akamai/akamai-s3-cache-poisoning.yaml by md

---
 misconfiguration/akamai/akamai-s3-cache-poisoning.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml b/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml
index 2eeded9ef0..26ac0957a7 100644
--- a/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml
+++ b/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml
@@ -1,9 +1,10 @@
 id: akamai-s3-cache-poisoning
 
 info:
-  name: Akamai / S3 Cache Poisoning - Stored Cross-Site Scripting
+  name: Akamai/Amazon S3 - Stored Cross-Site Scripting
   author: DhiyaneshDk
   severity: high
+  description: Akamai/Amazon S3 contains a stored cross-site scripting vulnerability generated by cache poisoning capability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site, which can further allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://web.archive.org/web/20230101082612/https://spyclub.tech/2022/12/14/unusual-cache-poisoning-akamai-s3/
     - https://owasp.org/www-community/attacks/Cache_Poisoning
@@ -62,3 +63,5 @@ requests:
           - 'contains(body_2, "alert(document.domain)")'
           - 'status_code_2 == 200'
         condition: and
+
+# Enhanced by md on 2023/03/08