nuclei-templates/vulnerabilities/generic/basic-cors.yaml

id: basic-cors-misconfig

info:
  name: Basic CORS misconfiguration
  author: nadino
  severity: low
  tags: cors

requests:
  - method: GET
    path:
      - "{{BaseURL}}"
    headers:
      Origin: https://evil.com

    matchers:
      - type: word
        words:
          - "Access-Control-Allow-Origin: https://evil.com"
          - "Access-Control-Allow-Credentials: true"
        condition: and
        part: header
Basic CORS misconfiguration Detect basic CORS misconfiguration allowing to fetch resources cross-domain 2020-05-04 15:03:50 +00:00			`id: basic-cors-misconfig`

			`info:`
			`name: Basic CORS misconfiguration`
			`author: nadino`
matcher updates 2021-01-11 06:44:22 +00:00			`severity: low`
Adding tags to vulnerabilities and workflows 2021-02-12 05:53:01 +00:00			`tags: cors`
Basic CORS misconfiguration Detect basic CORS misconfiguration allowing to fetch resources cross-domain 2020-05-04 15:03:50 +00:00
			`requests:`
			`- method: GET`
			`path:`
remove / 2020-05-09 08:59:35 +00:00			`- "{{BaseURL}}"`
Basic CORS misconfiguration Detect basic CORS misconfiguration allowing to fetch resources cross-domain 2020-05-04 15:03:50 +00:00			`headers:`
matcher updates 2021-01-11 06:44:22 +00:00			`Origin: https://evil.com`

Basic CORS misconfiguration Detect basic CORS misconfiguration allowing to fetch resources cross-domain 2020-05-04 15:03:50 +00:00			`matchers:`
			`- type: word`
			`words:`
Update syntax 2020-05-25 08:13:15 +00:00			`- "Access-Control-Allow-Origin: https://evil.com"`
matcher updates 2021-01-11 06:44:22 +00:00			`- "Access-Control-Allow-Credentials: true"`
			`condition: and`
Basic CORS misconfiguration Detect basic CORS misconfiguration allowing to fetch resources cross-domain 2020-05-04 15:03:50 +00:00			`part: header`