Stored XSS with certain Vulnerability

[estebanramos]

Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

The XSS Payload attached triggers an Stored XSS with the vulnerability Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting

{\"Test<img src=x onerror=alert(document.domain)>\":1}

Expected Behavior

No XSS payloads inside a Vulnerability Description should trigger the actual vulnerability

Steps To Reproduce

1. Scan a Keycloak Target with 10.00 - 18.00 Version
2. Go to Vulnerabilities
3. The XSS is Triggered if Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting is found within Nuclei

Environment

- reNgine: 2.0.6
- OS: Kali 2024.1
- Python: 3.11.8
- Docker Engine: 20.10.25
- Docker Compose: 2.23.0
- Browser: Firefox 115.5.0

Anything else?

[github-actions]

👋 Hi @estebanramos,
Issues is only for reporting a bug/feature request. Please read documentation before raising an issue https://rengine.wiki
For very limited support, questions, and discussions, please join reNgine Discord channel: https://discord.gg/azv6fzhNCE
Please include all the requested and relevant information when opening a bug report. Improper reports will be closed without any response.