daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7304 from ruben-condor/remove-cve-tags-from-yeswiki-xss.yaml 

Update yeswiki-xss.yaml
patch-1
Ritik Chaddha 2023-05-29 23:27:46 +05:30 committed by GitHub
parent 5d520e5063 3fd9defc7c
commit 59651f1d57
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
http/vulnerabilities/other/yeswiki-xss.yaml
View File

@ -3,20 +3,20 @@ id: yeswiki-xss
info:
name: YesWiki <2022-07-07 - Cross-Site Scripting
author: arafatansari
severity: high
severity: medium
description: |
YesWiki before 2022-07-07 contains a cross-site scripting vulnerability via the id parameter in the AccueiL URL.
reference:
- https://huntr.dev/bounties/de4db96c-2717-4c0e-b7aa-eee756ca19d3/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
cvss-score: 7.2
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
cvss-score: 6.5
cwe-id: CWE-79
metadata:
max-request: 1
verified: true
shodan-query: http.html:"yeswiki"
tags: yeswiki,unauth,huntr,cve,cve2022,xss
tags: yeswiki,huntr,xss
http:
- method: GET