You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Command to reproduce:
The comparison of checking valid login success is very loose as it only checks "!contains(tolower(location), 'error=true')" and 302 that's not sufficient.
I stumbled upon a target where it was redirecting to /org.geoserver.web.GeoServerLoginPage?error=false which gave 302 redirection but it was 404 - Not found after the redirection:
The text was updated successfully, but these errors were encountered:
Nuclei Version: Latest
Template FIle: default-logins/geoserver/geoserver-default-login.yaml
Command to reproduce:
![Screen Shot 2023-03-01 at 8 43 25 AM](https://user-images.githubusercontent.com/54109630/222034510-42e231a7-42ce-441f-995b-849b97ef9510.png)
The comparison of checking valid login success is very loose as it only checks "!contains(tolower(location), 'error=true')" and 302 that's not sufficient.
I stumbled upon a target where it was redirecting to
/org.geoserver.web.GeoServerLoginPage?error=false
which gave 302 redirection but it was 404 - Not found after the redirection:The text was updated successfully, but these errors were encountered: