diff --git a/src/main/java/org/sasanlabs/service/vulnerability/xss/persistent/PersistentXSSInHTMLTagVulnerability.java b/src/main/java/org/sasanlabs/service/vulnerability/xss/persistent/PersistentXSSInHTMLTagVulnerability.java index f7209a90..f505c80e 100644 --- a/src/main/java/org/sasanlabs/service/vulnerability/xss/persistent/PersistentXSSInHTMLTagVulnerability.java +++ b/src/main/java/org/sasanlabs/service/vulnerability/xss/persistent/PersistentXSSInHTMLTagVulnerability.java @@ -166,7 +166,10 @@ public ResponseBean getVulnerablePayloadLevel4(ParameterBean parameterBe // NullByte @AttackVector( - vulnerabilityExposed = VulnerabilitySubType.PERSISTENT_XSS, + vulnerabilityExposed = { + VulnerabilitySubType.PERSISTENT_XSS, + VulnerabilitySubType.NULL_BYTE + }, description = "PERSISTENT_XSS_HTML_TAG_URL_PARAM_DIRECTLY_INJECTED_IN_DIV_TAG_REPLACING_IMG_AND_INPUT_TAG_IF_TAGS_ARE_PRESENT_BEFORE_NULL_BYTE") @VulnerabilityLevel( @@ -191,7 +194,10 @@ public ResponseBean getVulnerablePayloadLevel5(ParameterBean parameterBe } @AttackVector( - vulnerabilityExposed = VulnerabilitySubType.PERSISTENT_XSS, + vulnerabilityExposed = { + VulnerabilitySubType.PERSISTENT_XSS, + VulnerabilitySubType.NULL_BYTE + }, description = "PERSISTENT_XSS_HTML_TAG_URL_PARAM_DIRECTLY_INJECTED_IN_DIV_TAG_REPLACING_IMG_AND_INPUT_TAG_CASE_INSENSITIVEIF_TAGS_ARE_PRESENT_BEFORE_NULL_BYTE") @VulnerabilityLevel( @@ -217,7 +223,10 @@ public ResponseBean getVulnerablePayloadLevel6(ParameterBean parameterBe } @AttackVector( - vulnerabilityExposed = VulnerabilitySubType.PERSISTENT_XSS, + vulnerabilityExposed = { + VulnerabilitySubType.PERSISTENT_XSS, + VulnerabilitySubType.NULL_BYTE + }, description = "PERSISTENT_XSS_HTML_TAG_URL_PARAM_DIRECTLY_INJECTED_IN_DIV_TAG_AFTER_HTML_ESCAPING_POST_CONTENT_BEFORE_NULL_BYTE") @VulnerabilityLevel(