Dashboard Content Enhancements (#5436)

Dashboard Content Enhancements

cves/2008/CVE-2008-1061.yaml

@@ -10,7 +10,6 @@ info:
     - https://www.exploit-db.com/exploits/5194
     - https://wpscan.com/vulnerability/d0278ebe-e6ae-4f7c-bcad-ba318573f881
     - https://nvd.nist.gov/vuln/detail/CVE-2008-1061
-    - http://secunia.com/advisories/29099
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
     cvss-score: 7.2

cves/2021/CVE-2021-24214.yaml

@@ -1,13 +1,13 @@
 id: CVE-2021-24214
 info:
-  name: OpenID Connect Generic Client 3.8.0-3.8.1 - Reflected Cross Site Scripting (XSS) via Login Error
+  name: WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting
   author: tess
   severity: medium
-  description: The OpenID Connect Generic Client WordPress plugin 3.8.0 and 3.8.1 did not sanitise the login error when output back in the login form, leading to a reflected Cross-Site Scripting issue. This issue does not require authentication and can be exploited with the default configuration.
+  description: WordPress OpenID Connect Generic Client plugin 3.8.0 and 3.8.1 contains a cross-site scripting vulnerability. It does not sanitize the login error when output back in the login form, thereby not requiring authentication, which can be exploited with the default configuration.
   reference:
     - https://wpscan.com/vulnerability/31cf0dfb-4025-4898-a5f4-fc7115565a10
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-24214
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24214
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-24214
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -39,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/19

cves/2022/CVE-2022-0678.yaml

@@ -1,16 +1,16 @@
 id: CVE-2022-0678
 
 info:
-  name: Microweber < 1.2.11- Cross-Site Scripting
+  name: Packagist <1.2.11 - Cross-Site Scripting
   author: tess
   severity: medium
   description: |
-    Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11. User can escape the meta tag because the user doesn't escape the double-quote in the $redirectUrl parameter when logging out.
+    Packagist prior to 1.2.11 contains a cross-site scripting vulnerability via microweber/microweber. User can escape the meta tag because the user doesn't escape the double-quote in the $redirectUrl parameter when logging out.
   reference:
     - https://huntr.dev/bounties/d707137a-aace-44c5-b15c-1807035716c0/
     - https://twitter.com/CVEnew/status/1495001503249178624?s=20&t=sfABvm7oG39Fd6rG44vQWg
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-0678
     - https://huntr.dev/bounties/d707137a-aace-44c5-b15c-1807035716c0
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0678
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -43,3 +43,5 @@ requests:
       - type: status
         status:
           - 404
+
+# Enhanced by md on 2022/09/19

miscellaneous/addeventlistener-detect.yaml

@@ -1,11 +1,16 @@
 id: addeventlistener-detect
 
 info:
-  name: DOM EventListener detection
+  name: DOM EventListener - Cross-Site Scripting
   author: yavolo,dwisiswant0
   severity: info
+  description: EventListener contains a cross-site scripting vulnerability via the document object model (DOM). An attacker can execute arbitrary script which can then allow theft of cookie-based authentication credentials and launch of  other attacks.
   reference:
     - https://portswigger.net/web-security/dom-based/controlling-the-web-message-source
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: xss,misc
 
 requests:
@@ -18,3 +23,5 @@ requests:
         part: body
         regex:
           - (([\w\_]+)\.)?add[Ee]vent[Ll]istener\(["']?[\w\_]+["']? # Test cases: https://www.regextester.com/?fam=121118
+
+# Enhanced by md on 2022/09/19

misconfiguration/xss-deprecated-header.yaml

@@ -4,14 +4,13 @@ info:
   name: XSS-Protection Header - Cross-Site Scripting
   author: joshlarsen
   severity: info
-  description: XSS-Protection header in Explorer, Chrome, and Safari contains a cross-site scripting vulnerability if set to any value other than `0`.
+  description: Setting the XSS-Protection header is deprecated. Setting the header to anything other than `0` can actually introduce an XSS vulnerability.
   reference:
     - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
     - https://owasp.org/www-project-secure-headers/#x-xss-protection
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
   tags: xss,misconfig,generic
 
 requests:

vulnerabilities/drupal/drupal-avatar-xss.yaml

@@ -1,13 +1,18 @@
 id: drupal-avatar-xss
 
 info:
-  name: Drupal avatar_uploader v7.x-1.0-beta8 - Cross-Site Scripting
+  name: Drupal Avatar Uploader - Cross-Site Scripting
   author: bywalks
-  severity: medium
+  severity: high
   description: |
-    This plugin creates a avatar_uploader from any post types. The slider import search feature and tab parameter via plugin settings are vulnerable to reflected cross-site scripting.
+    Drupal Avatar Uploader v7.x-1.0-beta8 plugin contains a cross-site scripting vulnerability in the slider import search feature and tab parameter via plugin settings.
   reference:
     - https://www.exploit-db.com/exploits/50841
+    - https://packetstormsecurity.com/files/166409/Drupal-Avatar-Upload-7.x-1.0-beta8-Cross-Site-Scripting.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: xss,drupal,edb
 
 requests:
@@ -31,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/19

vulnerabilities/gnuboard/gnuboard-sms-xss.yaml

@@ -1,13 +1,17 @@
 id: gnuboard-sms-xss
 
 info:
-  name: Gnuboard CMS - SMS Emoticon Cross-Site Scripting
+  name: Gnuboard CMS - Cross-Site Scripting
   author: gy741
   severity: medium
-  description: A vulnerability in Gnuboard CMS allows remote attackers to inject arbitrary Javascript into the responses returned by the server.
+  description: Gnuboard CMS contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary JavaScript into the responses returned by the server.
   reference:
     - https://sir.kr/g5_pds/4788?page=5
     - https://github.com/gnuboard/gnuboard5/commit/8182cac90d2ee2f9da06469ecba759170e782ee3
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   metadata:
     verified: true
     shodan-query: http.html:"Gnuboard"
@@ -33,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/19

vulnerabilities/gnuboard/gnuboard5-rxss.yaml

@@ -1,13 +1,18 @@
 id: gnuboard5-rxss
 
 info:
-  name: Gnuboard5 - Cross-Site Scripting
+  name: Gnuboard 5 - Cross-Site Scripting
   author: arafatansari
   severity: medium
   description: |
-    Gnuboard 5 is vulnerable to reflected XSS via $_GET['LGD_OID'].
+    Gnuboard 5 contains a cross-site scripting vulnerability via the $_GET['LGD_OID'] parameter.
   reference:
     - https://huntr.dev/bounties/ed317cde-9bd1-429e-b6d3-547e72534dd5/
+    - https://vulners.com/huntr/25775287-88CD-4F00-B978-692D627DFF04
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   metadata:
     verified: true
     shodan-query: http.html:"gnuboard5"
@@ -32,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/19

vulnerabilities/gnuboard/gnuboard5-xss.yaml

@@ -1,13 +1,17 @@
 id: gnuboard5-xss
 
 info:
-  name: Gnuboard5 - Cross-Site Scripting
+  name: Gnuboard 5 - Cross-Site Scripting
   author: arafatansari
   severity: medium
   description: |
-    Gnuboard 5 is vulnerable to reflected XSS to a flaw in the clean_xss_tags() function called in new.php.
+    Gnuboard 5 contains a cross-site scripting vulnerability via the clean_xss_tags() function called in new.php.
   reference:
     - https://huntr.dev/bounties/ad2a9b32-fe6c-43e9-9b05-2c77c58dde6a/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   metadata:
     verified: true
     shodan-query: http.html:"gnuboard5"
@@ -32,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/19

vulnerabilities/httpbin/httpbin-xss.yaml

@@ -3,9 +3,14 @@ id: httpbin-xss
 info:
   name: HTTPBin - Cross-Site Scripting
   author: Adam Crosser
-  severity: medium
+  severity: high
+  description: HTTPBin contains a cross-site scripting vulnerability which can allow an attacker to execute arbitrary script. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://github.com/postmanlabs/httpbin
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   metadata:
     shodan-query:
       - html:"https://github.com/requests/httpbin"
@@ -32,3 +37,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/19

vulnerabilities/ibm/eclipse-help-system-xss.yaml

@@ -1,9 +1,15 @@
 id: eclipse-help-system-xss
 
 info:
-  name: Eclipse Help System Cross-Site Scripting
+  name: IBM Eclipse Help System - Cross-Site Scripting
   author: pikpikcu
-  severity: medium
+  severity: high
+  description: IBM Eclipse Help System 6.1.0 through 6.1.0.6, 6.1.5 through 6.1.5.3, 7.0 through 7.0.0.2, and 8.0 prior to 8.0.0.1 contains a cross-site scripting vulnerability. An attacker can execute arbitrary script in the browser of an unsuspecting user in the context of the affected site.
+  reference: https://packetstormsecurity.com/files/131924/IBM-Eclipse-Help-System-IEHS-Cross-Site-Scripting.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: ibm,xss
 
 requests:
@@ -23,3 +29,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by md on 2022/09/19

vulnerabilities/laravel/laravel-ignition-xss.yaml

@@ -1,16 +1,20 @@
 id: laravel-ignition-xss
 
 info:
-  name: Laravel Ignition Cross-Site Scripting
+  name: Laravel Ignition - Cross-Site Scripting
   author: 0x_Akoko
-  severity: medium
+  severity: high
   description: |
-    Laravel's Ignition contains a cross-site scripting vulnerability when debug mode is enabled.
+    Laravel Ignition contains a cross-site scripting vulnerability when debug mode is enabled.
   remediation: |
-    Disable Laravel's debug mode by setting APP_DEBUG to false.
+    Disable debug mode by setting APP_DEBUG to false.
   reference:
     - https://www.acunetix.com/vulnerabilities/web/laravel-ignition-reflected-cross-site-scripting/
     - https://github.com/facade/ignition/issues/273
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: laravel,xss,ignition
 
 requests:
@@ -33,3 +37,5 @@ requests:
       - type: status
         status:
           - 500
+
+# Enhanced by md on 2022/09/19

vulnerabilities/moodle/moodle-filter-jmol-xss.yaml

@@ -1,12 +1,16 @@
 id: moodle-filter-jmol-xss
 
 info:
-  name: Moodle filter_jmol - Cross-Site Scripting
+  name: Moodle Jsmol - Cross-Site Scripting
   author: madrobot
   severity: medium
-  description: Cross-site scripting on Moodle.
+  description: Moodle contains a cross-site scripting vulnerability via the Jsmol plugin and may also be susceptible to local file inclusion or server-side-request forgery. An attacker can execute arbitrary script in the browser of an unsuspecting user and steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://www.dionach.com/blog/moodle-jmol-plugin-multiple-vulnerabilities/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: moodle,xss
 
 requests:
@@ -29,3 +33,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by md on 2022/09/19

vulnerabilities/moodle/moodle-xss.yaml

@@ -1,12 +1,17 @@
 id: moodle-xss
 
 info:
-  name: Moodle redirect_uri - Cross-Site Scripting
+  name: Moodle - Cross-Site Scripting
   author: hackergautam
   severity: medium
-  description: XSS in moodle via redirect_uri parameter
+  description: Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, and earlier unsupported versions contain a cross-site scripting vulnerability via the redirect_uri parameter.
   reference:
     - https://twitter.com/JacksonHHax/status/1391367064154042377
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-32478
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: moodle,xss
 
 requests:
@@ -31,3 +36,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by md on 2022/09/19

vulnerabilities/netsweeper/netsweeper-rxss.yaml

@@ -3,9 +3,15 @@ id: netsweeper-rxss
 info:
   name: Netsweeper 4.0.9 - Cross-Site Scripting
   author: daffainfo
-  severity: medium
+  severity: high
+  description: Netsweeper 4.0.9 contains a cross-site scripting vulnerability. An attacker can execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz
+    - https://www.exploit-db.com/exploits/37930
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: xss,packetstorm,netsweeper
 
 requests:
@@ -28,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/19

vulnerabilities/oracle/oracle-ebs-xss.yaml

@@ -1,11 +1,10 @@
 id: oracle-ebs-xss
 
 info:
-  name: Oracle EBS - Cross-Site Scripting
+  name: Oracle E-Business Suite - Cross-Site Scripting
   author: dhiyaneshDk
   severity: medium
   reference:
-    - https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite-wp-4.pdf
     - https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite.pdf
     - http://www.davidlitchfield.com/AssessingOraclee-BusinessSuite11i.pdf
   tags: oracle,xss,ebs
@@ -31,3 +30,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by md on 2022/09/19

vulnerabilities/other/avada-xss.yaml

@@ -1,13 +1,17 @@
 id: avada-xss
 
 info:
-  name: Avada < 7.4.2 - Cross-Site Scripting
+  name: WordPress Avada Website Builder <7.4.2 - Cross-Site Scripting
   author: Akincibor
-  severity: medium
-  description: The theme does not properly escape bbPress searches before outputting them back as breadcrumbs, leading to a Reflected Cross-Site Scripting issue.
+  severity: high
+  description: WordPress Avada Website Builder prior to 7.4.2 contains a cross-site scripting vulnerability. The theme does not properly escape bbPress searches before outputting them back as breadcrumbs.
   reference:
     - https://wpscan.com/vulnerability/eb172b07-56ab-41ce-92a1-be38bab567cb
     - https://theme-fusion.com/documentation/avada/installation-maintenance/avada-changelog/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: xss,wp,wordpress,wp-theme,avada,wpscan
 
 requests:
@@ -32,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/19

vulnerabilities/other/carrental-xss.yaml

@@ -1,14 +1,18 @@
 id: carrental-xss
 
 info:
-  name: Car Rental Management System v1.0 - Stored Cross-Site Scripting
+  name: Car Rental Management System 1.0 - Cross-Site Scripting
   author: arafatansari
   severity: medium
   description: |
-    Car Rental Management System v1.0 is vulnerable to Cross Site Scripting via admin/ajax.php?action=save_category in Name and Description Parameter.
+    Car Rental Management System 1.0 contains a cross-site scripting vulnerability via admin/ajax.php?action=save_category in Name and Description parameter.
   reference:
     - https://www.exploit-db.com/exploits/49546
     - https://www.sourcecodester.com/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   metadata:
     verified: true
     shodan-query: http.html:"Car Rental Management System"
@@ -31,7 +35,6 @@ requests:
         ------WebKitFormBoundaryCMJ5bh3B6m9767Em
         Content-Disposition: form-data; name="id"
 
-
         ------WebKitFormBoundaryCMJ5bh3B6m9767Em
         Content-Disposition: form-data; name="name"
 
@@ -64,3 +67,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/19

vulnerabilities/other/ckan-dom-based-xss.yaml

@@ -1,12 +1,17 @@
 id: ckan-dom-based-xss
 
 info:
-  name: CKAN DOM Based Cross-Site Scripting
+  name: Ckan - DOM Cross-Site Scripting
   author: dhiyaneshDk
-  severity: medium
-  description: CKAN uses the old jQuery Sparkle library which is vulnerable to DOM Based XSS.
+  severity: high
+  description: Ckan contains a cross-site scripting vulnerability in the document object model via the previous version of the jQuery Sparkle library. An attacker can execute arbitrary script and thus can steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://github.com/ckan/ckan/blob/b9e45e2723d4abd70fa72b16ec4a0bebc795c56b/ckan/public/base/javascript/view-filters.js#L27
+    - https://security.snyk.io/vuln/SNYK-PYTHON-CKAN-42010
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: dom,xss
 
 requests:
@@ -28,3 +33,5 @@ requests:
         words:
           - 'text/html'
         part: header
+
+# Enhanced by md on 2022/09/20

vulnerabilities/other/coldfusion-debug-xss.yaml

@@ -1,12 +1,16 @@
 id: coldfusion-debug-xss
 
 info:
-  name: Adobe ColdFusion Debug Page Cross-Site Scripting
+  name: Adobe ColdFusion - Cross-Site Scripting
   author: dhiyaneshDK
-  severity: medium
-  description: The remote Adobe ColdFusion debug page has been left open to unauthenticated users, this could allow remote attackers to trigger a reflected cross site scripting against the visitors of the site.
+  severity: high
+  description: Adobe ColdFusion debug page contains a cross-site scripting vulnerability when the application is running on a remote host. An attacker can execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://github.com/jaeles-project/jaeles-signatures/blob/master/common/coldfusion-debug-xss.yaml
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   metadata:
     shodan-query: http.component:"Adobe ColdFusion"
   tags: adobe,coldfusion,xss
@@ -32,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/20

vulnerabilities/other/devalcms-xss.yaml

@@ -1,13 +1,19 @@
-id: devalcms-xss
+id: CVE-2008-6982
 
 info:
-  name: Devalcms 1.4A - Cross-Site Scripting
+  name: Devalcms 1.4a - Cross-Site Scripting
   author: arafatansari
-  severity: medium
+  severity: high
   description: |
-    Devalcms 1.4A is affected by Cross-Site Scripting (rXSS) in the 'currentpath' parameter of the index.php file.
+    Devalcms 1.4a contains a cross-site scripting vulnerability in the currentpath parameter of the index.php file.
   reference:
     - https://www.exploit-db.com/exploits/6369
+    - https://www.cvedetails.com/cve/CVE-2008-6982
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-6982
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   metadata:
     verified: true
   tags: devalcms,xss,cms,edb
@@ -32,3 +38,5 @@ requests:
       - type: status
         status:
           - 500
+
+# Enhanced by md on 2022/09/20

vulnerabilities/other/discourse-xss.yaml

@@ -1,10 +1,17 @@
 id: discourse-xss
 
 info:
-  name: Discourse CMS - Cross-Site Scripting
+  name: Discourse - Cross-Site Scripting
   author: madrobot
-  severity: medium
-  description: Cross-site scripting (XSS) on Discourse CMS
+  severity: high
+  description: Discourse contains a cross-site scripting vulnerability. An attacker can execute arbitrary script and thus steal cookie-based authentication credentials and launch other attacks.
+  reference:
+    - https://www.cvedetails.com/vulnerability-list/vendor_id-20185/product_id-57316/opxss-1/Discourse-Discourse.html
+    - https://github.com/discourse/discourse/security/advisories/GHSA-xhmc-9jwm-wqph
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: xss,discourse
 
 requests:
@@ -26,3 +33,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by md on 2022/09/20

vulnerabilities/other/dzzoffice-xss.yaml

@@ -1,13 +1,17 @@
 id: dzzoffice-xss
 
 info:
-  name: Dzzoffice 2.02.1_SC_UTF8 - Cross-Site Scripting
+  name: Dzzoffice 2.02.1 - Cross-Site Scripting
   author: arafatansari
-  severity: medium
+  severity: high
   description: |
-    A XSS vulnerability was discovered in dzzoffice 2.02.1_SC_UTF8, There is a Reflected XSS attacks vulnerability which allows remote attackers to inject arbitrary web script or HTML via the zero parameter.
+    Dzzoffice 2.02.1_SC_UTF8 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the zero parameter.
   reference:
     - https://github.com/zyx0814/dzzoffice/issues/183
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   metadata:
     verified: true
     shodan-query: http.html:"dzzoffice"
@@ -36,3 +40,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/20

vulnerabilities/other/empirecms-xss.yaml

@@ -1,11 +1,17 @@
 id: empirecms-xss
 
 info:
-  name: EmpireCMS v75 Cross-Site Scripting
+  name: EmpireCMS 7.5 - Cross-Site Scripting
   author: pikpikcu
-  severity: medium
+  severity: high
+  description: EmpireCMS 7.5 contains a cross-site scripting vulnerability. An attacker can execute arbitrary script and thus steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://www.geek-share.com/detail/2777280260.html
+    - https://github.com/leadscloud/EmpireCMS/issues/4
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: empirecms,xss
 
 requests:
@@ -23,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/20

vulnerabilities/other/eris-xss.yaml

@@ -1,11 +1,17 @@
 id: eris-xss
 
 info:
-  name: Complete Online Job Search System v1.0 - Cross-Site Scripting
+  name: Complete Online Job Search System 1.0 - Cross-Site Scripting
   author: arafatansari
-  severity: medium
+  severity: high
   description: |
-    Complete Online Job Search System v1.0 is vulnerable to Reflected Cross Site Scripting via index.php?q=advancesearch.
+    Complete Online Job Search System 1.0 contains a cross-site scripting vulnerability via index.php?q=advancesearch.
+  reference:
+    - https://github.com/debug601/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-9.md
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   metadata:
     verified: true
   tags: cve,cve2022,xss,eris
@@ -36,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/20

vulnerabilities/other/hospital-management-xss.yaml

@@ -1,11 +1,17 @@
 id: hospital-management-xss
 
 info:
-  name: Hospital Management System v1.0 - Cross Site Scripting
+  name: Hospital Management System 1.0 - Cross-Site Scripting
   author: arafatansari
-  severity: medium
+  severity: high
   description: |
-    Hospital Management System v1.0 was discovered to contain a XSS vulnerability via the searchdata parameter in doctor/search.php.
+    Hospital Management System 1.0 contains a cross-site scripting vulnerability via the searchdata parameter in doctor/search.php.
+  reference:
+    - https://vulmon.com/vulnerabilitydetails?qid=CVE-2021-39411&scoretype=cvssv3
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   metadata:
     verified: true
     shodan-query: http.html:"Hospital Management System"
@@ -37,3 +43,5 @@ requests:
           - "status_code_2 == 200"
           - contains(body_2, 'Result against \"<script>alert(document.domain)</script>\" keyword')
         condition: and
+
+# Enhanced by md on 2022/09/20

vulnerabilities/other/hospital-management-xss2.yaml

@@ -1,11 +1,17 @@
 id: hospital-management-xss2
 
 info:
-  name: Hospital Management System v1.0 - Cross Site Scripting
+  name: Hospital Management System 1.0 - Cross-Site Scripting
   author: arafatansari
-  severity: medium
+  severity: high
   description: |
-    Hospital Management System v1.0 was discovered to contain a XSS vulnerability via the searchdata parameter in patient-search.php.
+    Hospital Management System 1.0 contains a cross-site scripting vulnerability via the searchdata parameter in patient-search.php.
+  reference:
+    - https://vulmon.com/vulnerabilitydetails?qid=CVE-2021-39411&scoretype=cvssv3
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   metadata:
     verified: true
     shodan-query: http.html:"Hospital Management System"
@@ -37,3 +43,5 @@ requests:
           - "status_code_2 == 200"
           - contains(body_2, 'Result against \"<script>alert(document.domain)</script>\" keyword')
         condition: and
+
+# Enhanced by md on 2022/09/20

vulnerabilities/other/java-melody-xss.yaml

@@ -1,13 +1,17 @@
 id: java-melody-xss
 
 info:
-  name: JavaMelody Monitoring - Cross-Site Scripting
+  name: JavaMelody - Cross-Site Scripting
   author: kailashbohara
-  severity: medium
-  description: Reflected cross site scripting (XSS) in JavaMelody monitoring.
+  severity: high
+  description: JavaMelody contains a cross-site scripting vulnerability via the monitoring parameter. An attacker can execute arbitrary script in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
   reference:
     - https://github.com/Hurdano/JavaMelody-XSS
     - https://github.com/javamelody/javamelody/pull/555
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
+    cvss-score: 7.2
+    cwe-id: CWE-79
   tags: xss,javamelody
 
 requests:
@@ -29,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by md on 2022/09/20