From 0187934d32ae50d2d9e2f3054adcc730b96ab0f4 Mon Sep 17 00:00:00 2001
From: Roberto Nunes <46332131+Akokonunes@users.noreply.github.com>
Date: Mon, 31 May 2021 19:51:44 +0900
Subject: [PATCH] Create oracle-ebusiness-openredirect.yaml
---
 oracle-ebusiness-openredirect.yaml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 oracle-ebusiness-openredirect.yaml
diff --git a/oracle-ebusiness-openredirect.yaml b/oracle-ebusiness-openredirect.yaml
new file mode 100644
index 0000000000..682b6496e8
--- /dev/null
+++ b/oracle-ebusiness-openredirect.yaml
@@ -0,0 +1,24 @@
+id: oracle-ebusiness-openredirect
+
+info:
+ name: Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect
+ author: 0x_Akoko
+ severity: low
+ reference: https://www.exploit-db.com/exploits/43592
+ tags: Oracle,redirect
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/plus/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=/\example.com"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "Location: https://example.com"
+ part: header
+
+ - type: status
+ status:
+ - 302
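Review bot: The `path` entry is a double-quoted YAML scalar, and in that style `\e` is the escape for the ESC control character, so `redirect=/\example.com` is parsed as `/`, 0x1B, `xample.com` and the request that goes out is not the one written. The `Location: https://example.com` matcher is then unlikely to ever fire, so the template would report affected hosts as clean. Single-quote the scalar so the backslash stays literal: `- '{{BaseURL}}/plus/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=/\example.com'` (or percent-encode the two characters). The word matcher is also case-sensitive and tied to the `https://` form, so a server that answers with a lowercase header name or a scheme-relative target would presumably be missed as well.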