nuclei-templates/http/cves/2004/CVE-2004-1965.yaml

40 lines
1.7 KiB
YAML

id: CVE-2004-1965
info:
name: Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS
author: ctflearner
severity: medium
description: |
Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.
remediation: |
Upgrade to a patched version of Open Bulletin Board (OpenBB) or apply necessary security patches to mitigate the vulnerabilities.
reference:
- https://www.exploit-db.com/exploits/24055
- https://nvd.nist.gov/vuln/detail/CVE-2004-1965
- http://marc.info/?l=bugtraq&m=108301983206107&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15966
classification:
cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N
cvss-score: 4.3
cve-id: CVE-2004-1965
cwe-id: NVD-CWE-Other
epss-score: 0.0113
epss-percentile: 0.82982
cpe: cpe:2.3:a:openbb:openbb:1.0.0_beta1:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: openbb
product: openbb
tags: cve,cve2004,redirect,xss,openbb
http:
- method: GET
path:
- "{{BaseURL}}/index.php?redirect=http%3A%2F%2Fwww.interact.sh"
matchers:
- type: regex
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'
# digest: 4a0a004730450220464a4d9ce1d6cbeaf71f551a06fd319a5a15203f7c40b1228809ef413ce6d869022100cb853dd541a12cbe5b12d10daaebc247d1b20e32d173b410d5191367fb6f5839:922c64590222798bb761d5b6d8e72950