Merge pull request #461 from dwisiswant0/add/CVE-2020-15129

Add CVE-2020-15129
patch-1
bauthard 2020-09-15 19:45:59 +05:30 committed by GitHub
commit e8ef3b5759
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 28 additions and 0 deletions

28
cves/CVE-2020-15129.yaml Normal file
View File

@ -0,0 +1,28 @@
id: CVE-2020-15129
info:
name: Open-redirect in Traefik
author: dwisiswant0
severity: medium
description: There exists a potential open redirect vulnerability in Traefik's handling of the X-Forwarded-Prefix header. Active Exploitation of this issue is unlikely as it would require active header injection, however the Traefik team may want to address this issue nonetheless to prevent abuse in e.g. cache poisoning scenarios.
# Ref:
# - https://securitylab.github.com/advisories/GHSL-2020-140-Containous-Traefik
requests:
- method: GET
path:
- "{{BaseURL}}"
- "{{BaseURL}}:8081"
headers:
X-Forwarded-Prefix: "https://foo.nl"
matchers-condition: and
matchers:
- type: status
status:
- 302
- type: word
words:
- "<a href=\"https://foo.nl/dashboard/\">Found</a>"
condition: or
part: body