Merge pull request #83 from wallarm/stored-xss-detect

MKirichenko-Wallarm · web-flow · commit 89a787ac9a1d · 2022-06-20T16:57:21.000+03:00
add stored xss oob detect
diff --git a/stored-xss-oob.yaml b/stored-xss-oob.yaml
@@ -0,0 +1,14 @@
+generate:
+  - payload:
+    - "><img src=\"http://DNS_MARKER\"><"
+    - "><script src=\"http://DNS_MARKER\"></script>"
+  - method:
+    - postfix
+detect:
+  - delayed_oob:
+    - dns
+meta-info:
+  - applicable_for:
+    - attack_rechecker
+  - threat: 70
+  - type: xss
