ET WEB_SPECIFIC_APPS Possible CactuShop User Invoices Persistent XSS Attempt

SID: 2011054Rev: 60 viewsHistory

Sourceet/open

CreatedJuly 30, 2010

UpdatedSeptember 10, 2020

Classificationweb-application-attack

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Possible CactuShop User Invoices Persistent XSS Attempt"; flow:established,to_server; http.uri; content:"_invoice.asp"; nocase; content:"script>"; nocase; pcre:"/(alert|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange)/i"; reference:url,www.coresecurity.com/content/cactushop-xss-persistent-vulnerability; reference:cve,2010-1486; classtype:web-application-attack; sid:2011054; rev:6; metadata:created_at 2010_07_30, cve CVE_2010_1486, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_09_10;)

References

url	www.coresecurity.com/content/cactushop-xss-persistent-vulnerability
cve	2010-1486

Metadata

created at2010_07_30

cveCVE-2010-1486

confidenceMedium

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2020_09_10

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!