fix(xinclude-injection): reduce false positives with stricter regex

The previous regex 'root:.*?:[0-9]*:[0-9]*:' was too permissive and matched
content in minified JavaScript code, causing false positives.

Changed to 'root:[^:]*:\d+:\d+:' which:
- Uses [^:]* to only match non-colon characters (respects passwd delimiter)
- Uses \d+ to require at least one digit for UID/GID

Fixes #14775
686f6c61
2026-01-18 13:29:29 +01:00
parent 1fc5a9a72a
commit df18eac3a0

@@ -35,11 +35,10 @@ http:
name: linux
part: body
regex:
- 'root:.*?:[0-9]*:[0-9]*:'
- 'root:[^:]*:\d+:\d+:'
- type: word
name: windows
part: body
words:
- 'for 16-bit app support'
# digest: 4a0a00473045022100e69db58569b4f4e5f60abf7e90300e73b9999127ef3b07cc6e90798e22187bdd0220062843c2ed9f731d9b4985e0b587e5f3e8ac58c29aa83a84f18d21ca4dcda0e4:922c64590222798bb761d5b6d8e72950
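
Review bot: On the new pattern line `'root:[^:]*:\d+:\d+:'`, the UID and GID fields still accept any number, and `[^:]*` also matches newlines, so a `root:` token followed by two numeric colon-separated fields anywhere later in a JavaScript bundle can still satisfy the matcher. The root entry in /etc/passwd has UID 0 and GID 0, so pinning both fields and excluding line breaks, for example `'root:[^:\n]*:0:0:'`, would narrow the match further. A short comment in the template on why the pattern was tightened (matches inside minified JavaScript in the body) would also help whoever edits this matcher next.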