daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2023-2309.yaml

main
Dhiyaneshwaran 2024-07-22 14:54:48 +05:30 committed by GitHub
parent bbba105bda
commit fbfb6abbed
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
http/cves/2023/CVE-2023-2309.yaml
View File

@ -11,19 +11,22 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2023-2309
- https://wpscan.com/vulnerability/1b3f4558-ea41-4749-9aa2-d3971fc9ca0d/
- https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wpforo/wpforo-forum-218-reflected-cross-site-scripting-via-wpforo-debug
- https://github.com/fkie-cad/nvd-json-data-feeds
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2023-2309
epss-score: 0.00052
epss-percentile: 0.20645
epss-percentile: 0.20793
cpe: cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 1
vendor: gvectors
product: wpforo_forum
framework: wordpress
tags: xss,wpscan,cve,cve2023,wp-plugin
publicwww-query: "/wp-content/plugins/wpforo/"
tags: cve,cve2023,wordpress,wpforo,wpscan,wp-plugin,wp,xss
http:
- raw:
@ -34,6 +37,7 @@ http:
matchers:
- type: dsl
dsl:
- 'contains(body,"<script>alert(/document.domain/)</script>") && contains(header,"text/html")'
- 'contains_all(body,"<script>alert(/document.domain/)</script>","wpforo")'
- 'contains(header,"text/html")'
- 'status_code == 200'
condition: and