From e0f4437cddc1c9e54b2eb7d4d216369a9e8f975f Mon Sep 17 00:00:00 2001
From: Dwi Siswanto <dwi.siswanto98@gmail.com>
Date: Tue, 15 Sep 2020 00:31:40 +0700
Subject: [PATCH] :fire: Add CVE-2020-15129

---
 cves/CVE-2020-15129.yaml | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 cves/CVE-2020-15129.yaml

diff --git a/cves/CVE-2020-15129.yaml b/cves/CVE-2020-15129.yaml
new file mode 100644
index 0000000000..8f65b497ad
--- /dev/null
+++ b/cves/CVE-2020-15129.yaml
@@ -0,0 +1,25 @@
+id: CVE-2020-15129
+
+info:
+  name: Open-redirect in Traefik
+  author: dwisiswant0
+  severity: medium
+  description: There exists a potential open redirect vulnerability in Traefik's handling of the X-Forwarded-Prefix header. Active Exploitation of this issue is unlikely as it would require active header injection, however the Traefik team may want to address this issue nonetheless to prevent abuse in e.g. cache poisoning scenarios.
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+      - "{{BaseURL}}:8081"
+    headers:
+      X-Forwarded-Prefix: "https://foo.nl"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "<a href=\"https://foo.nl/dashboard/\">Found</a>"
+        condition: or
+        part: body
\ No newline at end of file