From 3644f0953412895b3e1dc03428b2d1433c45f950 Mon Sep 17 00:00:00 2001
From: Noam Rathaus <noamr@beyondsecurity.com>
Date: Mon, 10 May 2021 09:47:28 +0300
Subject: [PATCH] Refrence also includes explaination and a solution

---
 exposures/configs/git-config-nginxoffbyslash.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/exposures/configs/git-config-nginxoffbyslash.yaml b/exposures/configs/git-config-nginxoffbyslash.yaml
index ceca05ecec..a61a9e8069 100644
--- a/exposures/configs/git-config-nginxoffbyslash.yaml
+++ b/exposures/configs/git-config-nginxoffbyslash.yaml
@@ -5,7 +5,9 @@ info:
   severity: medium
   description: Nginx off-by-slash vulnerability exposes Git configuration.
   tags: config,exposure
-  reference: https://twitter.com/Random_Robbie/status/1262676628167110656
+  reference: |
+    - https://twitter.com/Random_Robbie/status/1262676628167110656
+    - https://github.com/PortSwigger/nginx-alias-traversal/blob/master/off-by-slash.py
 
 requests:
   - method: GET