nuclei-templates/http/misconfiguration/cloudflare-image-ssrf.yaml

24 lines
789 B
YAML

id: cloudflare-external-image-resize
info:
name: Cloudflare External Image Resizing Misconfiguration
author: vavkamil
severity: info
description: Cloudflare Image Resizing defaults to restricting resizing to the same domain. This prevents third parties from resizing any image at any origin. However, you can enable this option if you check Resize images from any origin.
reference:
- https://support.cloudflare.com/hc/en-us/articles/360028146432-Understanding-Cloudflare-Image-Resizing#12345684
tags: cloudflare,misconfig,oast
http:
- raw:
- |
GET /cdn-cgi/image/width/https://{{interactsh-url}} HTTP/1.1
Host: {{Hostname}}
Accept: */*
matchers:
- type: word
part: interactsh_protocol
words:
- "http"