alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Appointment Hour Booking - WordPress? Plugin - Stored XSS (CVE-2019-13505)"; flow:established,to_server; content:"POST"; http_method; content:"form-data|3b 20|name=|22|cp_appbooking_pform_process|22|"; http_client_body; fast_pattern; content:"form-data|3b 20|name=|22|email_1|22 0d 0a 0d 0a 3c|script|3e|"; http_client_body; distance:0; metadata: former_category WEB_SPECIFIC_APPS; reference:cve,CVE-2019-13505; reference:url,github.com/ivoschyk-cs/CVE-s/blob/master/Appointment%20Hour%20Booking%20%E2%80%93%20WordPress%20Booking%20Plugin%20--%20stored%20XSS; classtype:web-application-attack; sid:2027706; rev:2; metadata:affected_product Wordpress_Plugins, attack_target Web_Server, deployment Internet, signature_severity Major, created_at 2019_07_12, performance_impact Low, updated_at 2019_07_12;)

Added 2019-07-12 18:35:01 UTC


Topic revision: r1 - 2019-07-12 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats