Skip to content

Commit

Permalink
Merge pull request #170 from SasanLabs/Fix1
Browse files Browse the repository at this point in the history 
Updating Vulnerability Type
  • Loading branch information
@preetkaran20
preetkaran20 authored Aug 8, 2020
2 parents 9c5ab9a + 4491c0e commit 0e5224c
Showing 1 changed file with 12 additions and 3 deletions.
15 changes: 12 additions & 3 deletions ...g/sasanlabs/service/vulnerability/xss/persistent/PersistentXSSInHTMLTagVulnerability.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -166,7 +166,10 @@ public ResponseBean<String> getVulnerablePayloadLevel4(ParameterBean parameterBe

// NullByte
@AttackVector(
vulnerabilityExposed = VulnerabilitySubType.PERSISTENT_XSS,
vulnerabilityExposed = {
VulnerabilitySubType.PERSISTENT_XSS,
VulnerabilitySubType.NULL_BYTE
},
description =
"PERSISTENT_XSS_HTML_TAG_URL_PARAM_DIRECTLY_INJECTED_IN_DIV_TAG_REPLACING_IMG_AND_INPUT_TAG_IF_TAGS_ARE_PRESENT_BEFORE_NULL_BYTE")
@VulnerabilityLevel(
Expand All @@ -191,7 +194,10 @@ public ResponseBean<String> getVulnerablePayloadLevel5(ParameterBean parameterBe
}

@AttackVector(
vulnerabilityExposed = VulnerabilitySubType.PERSISTENT_XSS,
vulnerabilityExposed = {
VulnerabilitySubType.PERSISTENT_XSS,
VulnerabilitySubType.NULL_BYTE
},
description =
"PERSISTENT_XSS_HTML_TAG_URL_PARAM_DIRECTLY_INJECTED_IN_DIV_TAG_REPLACING_IMG_AND_INPUT_TAG_CASE_INSENSITIVEIF_TAGS_ARE_PRESENT_BEFORE_NULL_BYTE")
@VulnerabilityLevel(
Expand All @@ -217,7 +223,10 @@ public ResponseBean<String> getVulnerablePayloadLevel6(ParameterBean parameterBe
}

@AttackVector(
vulnerabilityExposed = VulnerabilitySubType.PERSISTENT_XSS,
vulnerabilityExposed = {
VulnerabilitySubType.PERSISTENT_XSS,
VulnerabilitySubType.NULL_BYTE
},
description =
"PERSISTENT_XSS_HTML_TAG_URL_PARAM_DIRECTLY_INJECTED_IN_DIV_TAG_AFTER_HTML_ESCAPING_POST_CONTENT_BEFORE_NULL_BYTE")
@VulnerabilityLevel(
Expand Down

0 comments on commit 0e5224c

Please sign in to comment.