daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/security-misconfiguration/basic-cors.yaml

19 lines
356 B
YAML
Raw Blame History

id: basic-cors-misconfig
info:
name: Basic CORS misconfiguration
author: nadino
severity: medium
requests:
- method: GET
path:
- "{{BaseURL}}"
headers:
Origin: "https://evil.com"
matchers:
- type: word
words:
- "Access-Control-Allow-Origin: https://evil.com"
part: header
Reference in New Issue View Git Blame Copy Permalink