Delete CVE-2022-28477.yaml

2022-07-11 21:57:06 +05:30 · 2022-07-11 21:57:06 +05:30 · 88ba9b8176
parent 32feacf4b4
commit 88ba9b8176
1 changed files with 0 additions and 41 deletions
--- a/cves/2022/CVE-2022-28477.yaml
+++ b/cves/2022/CVE-2022-28477.yaml
@ -1,41 +0,0 @@
-id: CVE-2022-28477
-
-info:
-  name: WBCE CMS v1.5.2 XSS Stored
-  author: arafatansari
-  severity: medium
-  description: |
-    WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via \admin\setting\ Website Header Field parameters.
-  reference:
-    - https://github.com/APTX-4879/CVE
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28477
-    - https://github.com/APTX-4879/CVE/blob/main/CVE-2022-28477..pdf
-  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.1
-    cve-id: CVE-2022-28477
-    cwe-id: CWE-79
-  metadata:
-    verified: "true"
-  tags: wbcecms,xss
-
-requests:
-  - method: POST
-    path:
-      - "{{BaseURL}}/admin/setting/save.php"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - "<script>alert(document.domain)</script>"
-
-      - type: word
-        part: header
-        words:
-          - text/html
-
-      - type: status
-        status:
-          - 200