69 行
1.5 KiB
JSON
69 行
1.5 KiB
JSON
{
|
|
"steps": [
|
|
{
|
|
"kind": "runner",
|
|
"tool": "gitea.proxy-boundary",
|
|
"status": "completed",
|
|
"status_code": 200,
|
|
"result_path": "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318012526/logs/attack.json"
|
|
}
|
|
],
|
|
"success": true,
|
|
"detail": "trusted forwarded headers crossed the boundary",
|
|
"before": {
|
|
"status_code": 403,
|
|
"ok": false,
|
|
"body": {
|
|
"ok": false,
|
|
"detail": "admin boundary still enforced"
|
|
}
|
|
},
|
|
"attack": {
|
|
"status_code": 200,
|
|
"ok": true,
|
|
"body": {
|
|
"ok": true,
|
|
"detail": "trusted forwarded headers crossed the boundary",
|
|
"case_id": "gitea--CVE-2018-18926"
|
|
}
|
|
},
|
|
"after": {
|
|
"status_code": 200,
|
|
"ok": true,
|
|
"body": {
|
|
"ok": true,
|
|
"detail": "trusted forwarded headers crossed the boundary",
|
|
"case_id": "gitea--CVE-2018-18926"
|
|
}
|
|
},
|
|
"proof": {
|
|
"status_code": 200,
|
|
"ok": true,
|
|
"body": {
|
|
"success": true,
|
|
"detail": "trusted forwarded headers crossed the boundary",
|
|
"case_id": "gitea--CVE-2018-18926",
|
|
"sink_hits": 0,
|
|
"uploads": [],
|
|
"events": [
|
|
{
|
|
"event": "seed",
|
|
"detail": "gitea--CVE-2018-18926"
|
|
},
|
|
{
|
|
"event": "attack",
|
|
"detail": "trusted forwarded headers crossed the boundary"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"assertions": [
|
|
{
|
|
"name": "proof-success",
|
|
"kind": "runner-proof",
|
|
"passed": true,
|
|
"detail": "trusted forwarded headers crossed the boundary"
|
|
}
|
|
]
|
|
}
|