nuclei-templates/vulnerabilities/generic/basic-cors.yaml

id: basic-cors-misconfig

info:
  name: Basic CORS misconfiguration
  author: nadino
  severity: info
  tags: cors

requests:
  - method: GET
    path:
      - "{{BaseURL}}"
    headers:
      Origin: https://evil.com

    matchers:
      - type: word
        words:
          - "Access-Control-Allow-Origin: https://evil.com"
          - "Access-Control-Allow-Credentials: true"
        condition: and
        part: header