Create CVE-2021-34370.yaml
parent
cdd022c29d
commit
8ccc4283ed
|
@ -0,0 +1,20 @@
|
|||
id: CVE-2021-34370
|
||||
|
||||
info:
|
||||
name: Accela Civic Platform 21.1 - Open Redirect & XSS
|
||||
author: 0x_Akoko
|
||||
description: Accela Civic Platform Cross-Site-Scripting and Open Redirect <= 21.1
|
||||
reference: https://www.exploit-db.com/exploits/49990
|
||||
severity: medium
|
||||
tags: xss,redirect,cves
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://example.com/"
|
||||
|
||||
matchers:
|
||||
- type: regex
|
||||
regex:
|
||||
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
|
||||
part: header
|
Loading…
Reference in New Issue