commit
23de5c8b44
|
@ -2,7 +2,7 @@ id: CVE-2018-1000129
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Jolokia XSS
|
name: Jolokia XSS
|
||||||
author: mavericknerd
|
author: mavericknerd @0h1in9e
|
||||||
severity: high
|
severity: high
|
||||||
description: An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet that allows an attacker to execute malicious javascript in the victim's browser.
|
description: An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet that allows an attacker to execute malicious javascript in the victim's browser.
|
||||||
|
|
||||||
|
@ -21,3 +21,7 @@ requests:
|
||||||
words:
|
words:
|
||||||
- "<svg onload=alert(document.domain)>"
|
- "<svg onload=alert(document.domain)>"
|
||||||
part: body
|
part: body
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "text/html"
|
||||||
|
part: header
|
Loading…
Reference in New Issue