Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-41810 PoC — Twisted 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-41810.yaml
Associated Vulnerability
Title:Twisted 安全漏洞 (CVE-2024-41810)
Description:Twisted是Twisted Matrix Labs开源的一款使用Python语言编写的事件驱动的开源网络引擎。 Twisted 24.3.0版本及之前版本存在安全漏洞,该漏洞源于应用程序代码允许攻击者控制重定向URL,从而会导致重定向响应HTML主体中出现反射型跨站脚本(XSS)。
Description
Twisted is an event-based framework for internet applications, supporting Python 3.6+. The Twisted web framework's redirectTo function is vulnerable to reflected XSS if an attacker can control the redirect URL. This template tests for an open redirect and XSS vulnerability in the URL parameter. This vulnerability is fixed in 24.7.0rc1.
File Snapshot

 id: CVE-2024-41810

info:
  name: Twisted - Open Redirect & XSS
  author: KoYejune0302,cheoljun99,si

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.