CVE-2022-0437 PoC — Karma 跨站脚本漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-0437.yaml

Associated Vulnerability

Title:Karma 跨站脚本漏洞 (CVE-2022-0437)
Description:Karma是一个简单的工具。允许在多个真实的浏览器中执行 JavaScript 代码。 karma 存在跨站脚本漏洞，该漏洞源于NPM karma 中的 DOM。

Description

NPM karma prior to 6.3.14. contains a DOM-based cross-site Scripting vulnerability.

File Snapshot


 id: CVE-2022-0437

info:
  name: karma-runner DOM-based Cross-Site Scripting
  author: pikpikcu
  se

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.