nuclei-templates

Commit Graph

Author	SHA1	Message	Date
sandeep	fe6dbc8b4d	misc update	2021-10-31 16:56:16 +05:30
GwanYeong Kim	43629d5f49	Create CVE-2021-31682.yaml The login portal for the Automated Logic WebCTRL/WebCTRL OEM web application contains a vulnerability that allows for reflected XSS attacks due to the operatorlocale GET parameter not being sanitized. This issue impacts versions 6.5 and below. This issue works by passing in a basic XSS payload to a vulnerable GET parameter that is reflected in the output without sanitization. Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>	2021-10-30 19:36:29 +09:00

Author

SHA1

Message

Date

sandeep

fe6dbc8b4d

misc update

2021-10-31 16:56:16 +05:30

GwanYeong Kim

43629d5f49

Create CVE-2021-31682.yaml

The login portal for the Automated Logic WebCTRL/WebCTRL OEM web application contains a vulnerability that allows for reflected XSS attacks due to the operatorlocale GET parameter not being sanitized. This issue impacts versions 6.5 and below. This issue works by passing in a basic XSS payload to a vulnerable GET parameter that is reflected in the output without sanitization.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>

2021-10-30 19:36:29 +09:00

2 Commits (6411ca373f6fc39b70f51c22fa6f001bbfe4e61c)