fix fp CVE-2022-0591.yaml
parent
3dabb68cd2
commit
a3b7335af6
|
@ -2,7 +2,7 @@ id: CVE-2022-0591
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Formcraft3 <3.8.28 - Server-Side Request Forgery
|
name: Formcraft3 <3.8.28 - Server-Side Request Forgery
|
||||||
author: Akincibor
|
author: Akincibor,j4vaovo
|
||||||
severity: critical
|
severity: critical
|
||||||
description: Formcraft3 before version 3.8.2 does not validate the URL parameter in the formcraft3_get AJAX action, leading to server-side request forgery issues exploitable by unauthenticated users.
|
description: Formcraft3 before version 3.8.2 does not validate the URL parameter in the formcraft3_get AJAX action, leading to server-side request forgery issues exploitable by unauthenticated users.
|
||||||
reference:
|
reference:
|
||||||
|
@ -32,3 +32,8 @@ http:
|
||||||
part: interactsh_protocol # Confirms the HTTP Interaction
|
part: interactsh_protocol # Confirms the HTTP Interaction
|
||||||
words:
|
words:
|
||||||
- "http"
|
- "http"
|
||||||
|
|
||||||
|
- type: word
|
||||||
|
part: interactsh_request
|
||||||
|
words:
|
||||||
|
- "User-Agent: WordPress"
|
||||||
|
|
Loading…
Reference in New Issue