Fix 5.2.6.yaml

Ahsraeisi · Ahsraeisi · commit 7556d436ff09 · 2024-08-25T18:37:29.000Z
diff --git a/templates/dast/5.2.6.yaml b/templates/dast/5.2.6.yaml
@@ -1,4 +1,4 @@
-id: id: ASVS-4-0-3-V5-2-6
+id: ASVS-4-0-3-V5-2-6
 
 info:
   name: ASVS 5.2.6 Check
@@ -10,7 +10,7 @@ info:
     - https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/19-Testing_for_Server-Side_Request_Forgery
     - https://snbig.github.io/Vulnerable-Pages/ASVS_12_6_1/
     - https://github.com/projectdiscovery/nuclei-templates/blob/main/dast/vulnerabilities/ssrf/response-ssrf.yaml
-    tags: asvs,5.2.6
+  tags: asvs,5.2.6
   description: |
     Verify that the application protects against SSRF attacks, by validating or sanitizing untrusted data or HTTP file metadata, such as filenames and URL input fields, and uses allow lists of protocols, domains, paths and ports.
 
@@ -45,10 +45,8 @@ http:
         fuzz:
           - "{{ssrf}}"
 
-      - part: query
+      - part: body
         mode: single
-        values:
-          - "(https|http|file)(%3A%2F%2F|://)(.*?)"
         fuzz:
           - "{{ssrf}}"
 
