daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix trail space

patch-4
Dhiyaneshwaran 2024-06-25 14:45:49 +05:30 committed by GitHub
parent 5a5021edb9
commit 14309dcc5c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
http/technologies/nextjs-cache-poisoning.yaml
View File

@ -1,9 +1,8 @@
id: CVE-2023-46298
info:
name: Next.js Cache Poisoning
author: ProjectDiscoveryAI
author: Ice3man543
severity: high
description: |
Next.js is vulnerable to cache poisoning through the x-middleware-prefetch and x-invoke-status headers. This can result in DoS by serving an empty JSON object or error page instead of the intended content, affecting SSR responses.
@ -25,6 +24,7 @@ info:
- http.html:"/_next/static"
- cpe:"cpe:2.3:a:zeit:next.js"
fofa-query: body="/_next/static"
tags: cve,cve2023,next-js,cache
variables:
rand: "{{rand_text_numeric(5)}}"