Access Control: Joomla Solidres 2.13.3 - Cross-Site Scripting¶

Identifier: joomla_solidres_xss

Scanner(s) Support¶

Description¶

Joomla extension for Solidres - Online Booking System & Reservation Software is vulnerable to XSS in GET parameter 'show'.

Reference:

• https://www.exploit-db.com/exploits/51638
• https://cxsecurity.com/issue/WLB-2023070080
• https://cyberlegion.io/joomla-solidres-2-13-3-cross-site-scripting/

Configuration¶

Example¶

Example configuration:

---
security_tests:
  joomla_solidres_xss:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    skip: false

Reference¶

assets_allowed¶

Type : List[AssetType]*

List of assets that this check will cover.

skip¶

Type : boolean

Skip the test if true.