xss-uri-reflected: Reflected XSS

Date: 2025-11-07 | Affected software: xss-uri-reflected | PoC: public

Vulnerability description

Reflected cross-site scripting vulnerability was discovered via generic testing. Manual testing is needed to verify exploitation.

PoC code [public]

id: xss-uri-reflected

info:
  name: Reflected XSS
  author: nadino,geeknik,matejsmycka
  severity: low
  description: |
    Reflected cross-site scripting vulnerability was discovered via generic testing. Manual testing is needed to verify exploitation.
  metadata:
    max-request: 1
  tags: xss,generic,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/a%22%3E%3Cinjectable%3E"
      - "{{BaseURL}}/a%27%3E%3Cinjectable%3E"

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "\"><injectable>"
          - "'><injectable>"
        condition: or

      - type: word
        part: content_type
        words:
          - "text/html"

      - type: status
        status:
          - 200

      - type: word
        part: body
        condition: or
        words:
          - "<title>Access Denied</title>"
          - "You don't have permission to access"
        negative: true
# digest: 4a0a00473045022100b9316c48f1c0636e2b268ef367622788820f805078e4f2ed366c604feae4319f0220506cb4088dcb94d095efc53385f46353c365ae1de43cb7656325cddd2fe7927a:922c64590222798bb761d5b6d8e72950
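
To show what the matchers in the template above flag and what output encoding changes, here is an added Python example (not part of the original template or its project). The four handlers are hypothetical, constructed stand-ins for an application that echoes the request path; the probes and matcher words are copied from the template.

```python
import html
from urllib.parse import unquote

# Probe paths and matcher words copied from the template above.
PROBES = ["/a%22%3E%3Cinjectable%3E", "/a%27%3E%3Cinjectable%3E"]
MARKERS = ['"><injectable>', "'><injectable>"]
BLOCK_WORDS = ["<title>Access Denied</title>", "You don't have permission to access"]


def template_matches(status, content_type, body):
    """The four matchers, joined as matchers-condition: and."""
    return (
        any(m in body for m in MARKERS)                # word/body, condition: or
        and "text/html" in content_type                # word/content_type
        and status == 200                              # status
        and not any(w in body for w in BLOCK_WORDS)    # negative word/body
    )


# Hypothetical handlers (constructed): each returns (status, content_type, body).
def reflect_raw(raw_path):
    return 200, "text/html; charset=utf-8", f'<a href="{unquote(raw_path)}">retry</a>'


def reflect_escaped(raw_path):
    safe = html.escape(unquote(raw_path), quote=True)  # encodes < > & " '
    return 200, "text/html; charset=utf-8", f'<a href="{safe}">retry</a>'


def reflect_as_json(raw_path):
    return 200, "application/json", '{"path": "%s"}' % unquote(raw_path)


def waf_block_page(raw_path):
    body = f"<title>Access Denied</title><p>{unquote(raw_path)}</p>"
    return 200, "text/html", body


def scan(handler):
    """Return the first probe that matches (stop-at-first-match), else None."""
    for probe in PROBES:
        if template_matches(*handler(probe)):
            return probe
    return None


if __name__ == "__main__":
    for h in (reflect_raw, reflect_escaped, reflect_as_json, waf_block_page):
        print(f"{h.__name__:16} -> {scan(h)}")
```

Only the handler that writes the decoded path into HTML without encoding is flagged; the escaped, non-HTML and block-page responses each fail one of the four matchers.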