nuclei-templates/vulnerabilities/other/dedecms-openredirect.yaml

26 lines
511 B
YAML

id: dedecms-openredirect
info:
name: DedeCMS Open Redirect
author: pikpikcu
severity: low
reference:
- https://blog.csdn.net/ystyaoshengting/article/details/82734888
tags: dedecms,redirect
requests:
- method: GET
path:
- "{{BaseURL}}/plus/download.php?open=1&link=aHR0cHM6Ly9ldmlsLmNvbQo="
matchers-condition: and
matchers:
- type: word
words:
- "Location: https://evil.com"
part: header
- type: status
status:
- 302