CVE-2020-13662 Exploitation Attempt

Aug 21, 2020 ·

Detecting a open redirect vulnerability via the destination-parameter

Sigma rule (View on GitHub)

 1title: CVE-2020-13662 Exploitation Attempt
 2id: 058da222-af9d-4e54-9fa3-75b200573797
 3status: experimental
 4description: Detecting a open redirect vulnerability via the destination-parameter
 5author: Loginsoft Research Unit
 6references:
 7    - https://blog.detectify.com/2020/07/13/detectify-security-updates-for-13-july/#CVE-2020-13662
 8date: 2020/08/17
 9logsource:
10  product: drupal
11  category: application
12detection:
13    selection:
14        cs-method: 'POST'
15        c-uri|contains:
16            - 'destination*%3Fq%3D//'
17            - 'destination*%3Fq=//'
18        sc-status: '302'
19    condition: selection
20falsepositives:
21  - Unknown
22level: medium```

References

Detectify security updates for 13 July- Blog Detectify

Detectify Security Updates for July including CVE-2020-13662: Drupal Core Open Redirect and CVE-2020-4038: Prisma GraphQL Playground XSS.

Read More

CVE-2020-13662 Exploitation Attempt

Sigma rule (View on GitHub)

References

Detectify security updates for 13 July- Blog Detectify