id: put-method-enabled info: name: PUT method enabled author: xElkomy severity: high reference: https://portswigger.net/kb/issues/00100900_http-put-method-is-enabled tags: injection requests: - raw: - | PUT /testing-put.txt HTTP/1.1 Content-Type: text/plain testing-payload - | GET /testing-put.txt HTTP/1.1 Content-Type: text/plain req-condition: true matchers: - type: dsl dsl: - 'contains(body_2, "testing-payload")'