From 238876db30604a947f23a86e65a48bafe962cd38 Mon Sep 17 00:00:00 2001
From: Arafat Ansari <54571841+arafatansari@users.noreply.github.com>
Date: Thu, 30 Jun 2022 15:27:13 +0530
Subject: [PATCH] Update CVE-2022-30072.yaml

---
 cves/2022/CVE-2022-30072.yaml | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 cves/2022/CVE-2022-30072.yaml

diff --git a/cves/2022/CVE-2022-30072.yaml b/cves/2022/CVE-2022-30072.yaml
new file mode 100644
index 0000000000..3efb30903e
--- /dev/null
+++ b/cves/2022/CVE-2022-30072.yaml
@@ -0,0 +1,35 @@
+id: CVE-2022-30072
+
+info:
+  name: WBCE CMS v1.5.2 XSS Stored
+  author: arafatansari
+  severity: medium
+  description: |
+    WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via \admin\pages\sections_save.php namesection2 parameters.
+  reference:
+    - https://github.com/APTX-4879/CVE
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30072
+  metadata:
+    verified: true
+  tags: wbcecms,xss
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}\admin\pages\sections_save.php”
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<script>alert(document.domain)</script>"
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200