daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix trail space

patch-4
Dhiyaneshwaran 2024-06-25 14:45:49 +05:30 committed by GitHub
parent 5a5021edb9
commit 14309dcc5c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
http/technologies/nextjs-cache-poisoning.yaml
View File

@ -1,9 +1,8 @@
id: CVE-2023-46298 id: CVE-2023-46298
info: info:
name: Next.js Cache Poisoning name: Next.js Cache Poisoning
author: ProjectDiscoveryAI author: Ice3man543
severity: high severity: high
description: | description: |
Next.js is vulnerable to cache poisoning through the x-middleware-prefetch and x-invoke-status headers. This can result in DoS by serving an empty JSON object or error page instead of the intended content, affecting SSR responses. Next.js is vulnerable to cache poisoning through the x-middleware-prefetch and x-invoke-status headers. This can result in DoS by serving an empty JSON object or error page instead of the intended content, affecting SSR responses.
@ -25,6 +24,7 @@ info:
- http.html:"/_next/static" - http.html:"/_next/static"
- cpe:"cpe:2.3:a:zeit:next.js" - cpe:"cpe:2.3:a:zeit:next.js"
fofa-query: body="/_next/static" fofa-query: body="/_next/static"
tags: cve,cve2023,next-js,cache
variables: variables:
rand: "{{rand_text_numeric(5)}}" rand: "{{rand_text_numeric(5)}}"