Update and rename CVE-2020-36365.yaml to cves/2020/CVE-2020-36365.yaml

patch-1
Prince Chaddha 2022-02-03 02:39:33 +05:30 committed by GitHub
parent f42b5dc176
commit 42bc941827
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions

View File

@ -8,12 +8,15 @@ info:
reference:
- https://github.com/smartstore/SmartStoreNET/issues/2113
- https://www.cvedetails.com/cve/CVE-2020-36365
tags: cve,cve2020,redirect,smartstore
- https://github.com/smartstore/SmartStoreNET
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10
cve-id: CVE-2020-36365
cwe-id: CWE-601
metadata:
shodan-query: http.html:'content="Smartstore'
tags: cve,cve2020,redirect,smartstore
requests:
- method: GET
@ -23,6 +26,6 @@ requests:
matchers:
- type: regex
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$'
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1