Skip to content

add: cve-2021-41773-apache-path-trav.js #248

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 7, 2021
Merged

add: cve-2021-41773-apache-path-trav.js #248

merged 1 commit into from
Oct 7, 2021

Conversation

@kingthorin
Copy link
Member

@kingthorin kingthorin commented Oct 5, 2021

  • Add new targeted script.
  • Add changelog note.

Signed-off-by: kingthorin kingthorin@users.noreply.github.com

@kingthorin
Copy link
Member Author

kingthorin commented Oct 5, 2021
edited
Loading

Added as targeted as: zaproxy/zaproxy#5595 is still outstanding.

thc202
thc202 reviewed Oct 6, 2021
View reviewed changes
@kingthorin kingthorin force-pushed the cve202141773-apache branch from 594c598 to b6cd9d6 Compare October 6, 2021 12:46
@kingthorin
Copy link
Member Author

kingthorin commented Oct 6, 2021

Tweaked

@thc202
Copy link
Member

thc202 commented Oct 6, 2021

Thank you!

@ricekot
Copy link
Member

ricekot commented Oct 6, 2021

Not a requirement, but could add relevant alert tags.

@kingthorin
Copy link
Member Author

kingthorin commented Oct 6, 2021
edited
Loading

Note I believe this could also be done with a Custom Payload for the Hidden Files scan rule:
image

@kingthorin
add: cve-2021-41773-apache-path-trav.js
dd6a5c6 
- Add new targeted script.
- Add changelog note.

Signed-off-by: kingthorin <kingthorin@users.noreply.github.com>
@kingthorin kingthorin force-pushed the cve202141773-apache branch from b6cd9d6 to dd6a5c6 Compare October 7, 2021 10:59
@kingthorin
Copy link
Member Author

kingthorin commented Oct 7, 2021

Rebased

@thc202
Copy link
Member

thc202 commented Oct 7, 2021

Still looking good.

@psiinon psiinon merged commit fcadb8f into zaproxy:main Oct 7, 2021
@kingthorin kingthorin deleted the cve202141773-apache branch October 7, 2021 11:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@psiinon psiinon psiinon approved these changes

@thc202 thc202 thc202 approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@kingthorin @thc202 @ricekot @psiinon