nuclei-templates/vulnerabilities/x-forwarded-host-injection....

20 lines
432 B
YAML

id: host-header-injection
info:
name: Host Header Injection (x-forwarded-host)
author: melbadry9
severity: low
requests:
- method: GET
# Example of sending some headers to the servers
headers:
# MD5 hash of melbadry9
X-Forwarded-Host: "0021e78f48fe6525798294b7711c6f72.com"
path:
- "{{BaseURL}}/"
matchers:
- type: word
words:
- "0021e78f48fe6525798294b7711c6f72"