Create CVE-2020-24550.yaml
parent
1123c6f142
commit
7111fb4bbe
|
@ -0,0 +1,23 @@
|
||||||
|
id: CVE-2020-24550
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: CVE-2020-24550
|
||||||
|
author: dhiyaneshDK
|
||||||
|
severity: medium
|
||||||
|
description: A user-controlled input redirect users to an external website.
|
||||||
|
tags: redirect
|
||||||
|
|
||||||
|
requests:
|
||||||
|
- method: GET
|
||||||
|
|
||||||
|
path:
|
||||||
|
- '{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://google.com'
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
words:
|
||||||
|
- "Location: https://google.com"
|
||||||
|
part: header
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 301
|
Loading…
Reference in New Issue