Update and rename CVE-2015-2863.yaml to cves/2015/CVE-2015-2863.yaml

patch-1
Ritik Chaddha 2023-03-14 14:31:20 +05:30 committed by GitHub
parent 5397ebda38
commit 63a03c75cf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 4 deletions

View File

@ -4,7 +4,8 @@ info:
name: Kaseya Virtual System Administrator - Open Redirect
author: 0x_Akoko
severity: low
description: Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
description: |
Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
reference:
- https://github.com/pedrib/PoC/blob/3f927b957b86a91ce65b017c4b9c93d05e241592/advisories/Kaseya/kaseya-vsa-vuln.txt
- https://www.cvedetails.com/cve/CVE-2015-2863
@ -18,11 +19,12 @@ info:
requests:
- method: GET
path:
- '{{BaseURL}}/inc/supportLoad.asp?urlToLoad=http://example.com'
- '{{BaseURL}}/vsaPres/Web20/core/LocalProxy.ashx?url=http://example.com'
- '{{BaseURL}}/inc/supportLoad.asp?urlToLoad=http://oast.me'
- '{{BaseURL}}/vsaPres/Web20/core/LocalProxy.ashx?url=http://oast.me'
stop-at-first-match: true
matchers:
- type: regex
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)oast\.me\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1