daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2021-44528.yaml

patch-1
Prince Chaddha 2022-01-17 22:19:22 +05:30 committed by GitHub
parent 4f81203546
commit f988ad8ff4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cves/2021/CVE-2021-44528.yaml
View File

@ -7,12 +7,13 @@ info:
description: Specially crafted "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website.
reference:
- https://seclists.org/oss-sec/2021/q4/att-160/7-0-host-authorzation-open-redirect.patch
tags: cve,cve2021,redirect
- https://nvd.nist.gov/vuln/detail/CVE-2021-44528
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10
cve-id: CVE-2021-44528
cwe-id: CWE-601
tags: cve,cve2021,redirect
requests:
- raw: