daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create CVE-2021-44528.yaml (#3342)

patch-1
Geeknik Labs 2021-12-15 09:13:07 -06:00 committed by GitHub
parent 937205ec38
commit 9c169bd682
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 31 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
cves/2021/CVE-2021-44528.yaml Normal file
View File

@ -0,0 +1,31 @@
id: CVE-2021-44528
info:
name: Open Redirect in Host Authorization Middleware
author: geeknik
severity: low
description: Specially crafted "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.
reference:
- https://seclists.org/oss-sec/2021/q4/att-160/7-0-host-authorzation-open-redirect.patch
tags: cve,cve2021,redirect
requests:
- raw:
- |
GET / HTTP/1.1
Host: {{Hostname}}
X-Forwarded-Host: //example.com
matchers-condition: and
matchers:
- type: regex
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$'
- type: status
status:
- 301
- 302
- 307
- 308