From aad90ed60c7c87e9932928f81b6a1d5198bda503 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Thu, 15 Jun 2023 22:21:02 +0530
Subject: [PATCH] Update CVE-2019-10098.yaml

---
 http/cves/2019/CVE-2019-10098.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/http/cves/2019/CVE-2019-10098.yaml b/http/cves/2019/CVE-2019-10098.yaml
index ddb7c76019..348bc4013b 100644
--- a/http/cves/2019/CVE-2019-10098.yaml
+++ b/http/cves/2019/CVE-2019-10098.yaml
@@ -5,7 +5,7 @@ info:
   author: ctflearner
   severity: medium
   description: |
-   In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
+    In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL.
   reference:
     - https://www.exploit-db.com/exploits/47689
     - https://nvd.nist.gov/vuln/detail/CVE-2019-10098
@@ -19,15 +19,15 @@ info:
     cve-id: CVE-2019-10098
     cwe-id: CWE-601
     cpe: cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
-  tags: cve,cve2019,redirect,Apache HTTP server
+  tags: cve,cve2019,redirect,apache,server
 
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/http%3A%2F%2Fwww.evil.com"
+      - "{{BaseURL}}/http%3A%2F%2Fwww.interact.sh"
 
     matchers:
       - type: regex
         part: header
         regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)evil\.com\/?(\/|[^.].*)?$'
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'