diff --git a/exposed-panels/wazuh-panel.yaml b/exposed-panels/wazuh-panel.yaml index ce38f35fad..a221088c03 100644 --- a/exposed-panels/wazuh-panel.yaml +++ b/exposed-panels/wazuh-panel.yaml @@ -15,6 +15,7 @@ requests: path: - "{{BaseURL}}/app/login" + matchers-condition: and matchers: - type: word part: body diff --git a/vulnerabilities/wordpress/newsletter-open-redirect.yaml b/vulnerabilities/wordpress/newsletter-open-redirect.yaml index 26583abe23..e391d3ecaf 100644 --- a/vulnerabilities/wordpress/newsletter-open-redirect.yaml +++ b/vulnerabilities/wordpress/newsletter-open-redirect.yaml @@ -11,10 +11,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/?wp_nlm=confirmation&appurl=aHR0cDovL3d3dy5nb29nbGUuY29t" + - "{{BaseURL}}/?wp_nlm=confirmation&appurl=aHR0cHM6Ly9leGFtcGxlLmNvbQ==" matchers: - type: regex - regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)google\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 \ No newline at end of file