daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update wildcard-postmessage.yaml

patch-1
Prince Chaddha 2023-11-20 15:02:48 +05:30 committed by GitHub
parent 8c50dc94d9
commit bd7292acd3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
http/misconfiguration/wildcard-postmessage.yaml
View File

@ -3,7 +3,7 @@ id: wildcard-postmessage
info:
name: postMessage - Cross-Site Scripting
author: pdteam
severity: high
severity: unknown
description: postMessage contains a cross-site scripting vulnerability. An attacker can execute arbitrary script and therefore steal cookie-based authentication credentials and launch other attacks.
reference:
- https://jlajara.gitlab.io/web/2020/06/12/Dom_XSS_PostMessage.html