Update stored-xss-mwb.yaml
amit-jd
GitHub
parent
711bad8a91
commit
38eba0637e
|
|
@ -14,7 +14,7 @@ info:
|
|||
cvss-score: 6.8
|
||||
cwe-id: CWE-79
|
||||
cve-id: CVE-2022-0954
|
||||
tags: cve,cve2022,xss,microweber
|
||||
tags: cve,cve2022,xss,microweber
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
|
@ -24,7 +24,7 @@ requests:
|
|||
Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
username={{username}}&password={{password}}
|
||||
|
||||
|
||||
- |
|
||||
POST /api/save_option HTTP/2
|
||||
Host: {{Hostname}}
|
||||
|
|
@ -42,10 +42,10 @@ requests:
|
|||
Referer: {{BaseURL}}/admin/view:shop/action:options
|
||||
|
||||
module=settings%2Fsystem_settings&id=settings_admin_mw-main-module-backend&class=card-body+pt-3&option_group=email&is_system=1&style=position%3A+relative%3B
|
||||
|
||||
|
||||
req-condition: true
|
||||
cookie-reuse: true
|
||||
|
||||
|
||||
matchers-condition: or
|
||||
matchers:
|
||||
- type: dsl
|
||||
|
|
@ -56,10 +56,3 @@ requests:
|
|||
- 'status_code_3==200'
|
||||
condition: and
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
part: header
|
||||
name: session
|
||||
kval:
|
||||
- laravel_session
|
||||
internal: true
|
||||
|
|
|
|||
Loading…
Reference in New Issue