[FALSE-POSITIVE] CVE-2024-2782 #13525

@chovanecadam

Template IDs or paths

- CVE-2024-2782

Environment

Steps To Reproduce

The matcher is very weak. Some APIs respond with status code 200 to any request. The matcher for word true is not enough, as other JSON responses may include the word too. It should be fixed with a stronger matcher, e.g. checking if the response is exactly "true" or if the response includes other data or HTTP headers.

Relevant dumped responses

Anything else?

No response
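
The false positive described in this report, reproduced as an added example (not part of the original issue and not the template's own code). It models the matcher as the report describes it (status 200 plus the word `true`) next to one possible stricter check; the exact-body and `Content-Type` conditions, the function names and all sample responses are assumptions constructed for illustration.

```python
# Added illustration; not the nuclei template itself. All responses are constructed.
from dataclasses import dataclass, field


@dataclass
class Response:
    status: int
    body: str
    headers: dict = field(default_factory=dict)


def weak_match(r):
    """Behaviour described in the issue: status 200 and the word 'true' anywhere."""
    return r.status == 200 and "true" in r.body


def strict_match(r):
    """Stricter variant (assumption): body is exactly 'true' and declared as JSON."""
    ctype = next((v for k, v in r.headers.items() if k.lower() == "content-type"), "")
    return (
        r.status == 200
        and r.body.strip() == "true"
        and "application/json" in ctype.lower()
    )


JSON = {"Content-Type": "application/json"}
SAMPLES = {
    "exact_true": Response(200, "true", {"Content-Type": "application/json; charset=UTF-8"}),
    "catch_all_api": Response(200, '{"error": "unknown route", "handled": true}', JSON),
    "html_page": Response(200, "<script>var debug = true;</script>", {"Content-Type": "text/html"}),
    "not_found": Response(404, "true", JSON),
}


def compare(samples=SAMPLES):
    """Return {name: (weak_result, strict_result)} for every sample response."""
    return {name: (weak_match(r), strict_match(r)) for name, r in samples.items()}


def false_positives(samples=SAMPLES):
    """Names of responses that only the weak matcher flags."""
    return sorted(n for n, (w, s) in compare(samples).items() if w and not s)


if __name__ == "__main__":
    for name, (w, s) in compare().items():
        print(f"{name:15} weak={w!s:5} strict={s}")
    print("weak-only matches:", false_positives())
```
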

Labels

- Done: Ready to merge
- false-positive: Nuclei template reporting invalid/unexpected result
