2 matches found
GO-2026-5473 Nuclei: Environment variable disclosure via Response-Derived DSL Expressions in github.com/projectdiscovery/nuclei
Nuclei: Environment variable disclosure via Response-Derived DSL Expressions in github.com/projectdiscovery/nuclei...
CVE-2026-41645 Nuclei: Environment variable disclosure via Response-Derived DSL Expressions
Nuclei is a vulnerability scanner built on a simple YAML-based DSL. From version 3.0.0 to before version 3.8.0, a vulnerability in Nuclei's expression evaluation engine makes it possible for a malicious target server to inject and execute supported DSL expressions. This happens when HTTP response...