Fix: Handle full-location redirects in send_request_cgi

- Resolved an issue where redirects with full-location URLs were not properly handled by `send_request_cgi`.
- Implemented a quick solution for now; open to suggestions for a more robust approach.
- Tested behavior without proxy interference, as Burp previously masked the issue.

Author: heyder

modules/exploits/multi/http/wso2_api_manager_file_upload_rce.rb

@@ -160,19 +160,22 @@ def authenticate
     while res.redirect?
       loop_dectector += 1
       res = send_request_cgi(
-        'uri' => res.redirection.to_s,
+        'uri' => "#{res.redirection.path}?#{res.redirection.query}",
         'method' => 'GET',
         'headers' => {
           'Connection' => 'keep-alive'
         },
         'keep_cookies' => true
       )
+
       if res&.get_cookies && res.get_cookies.match(/sessionNonceCookie-(.*)=/)
+        vprint_status('Got session nonce')
         nounce = ::Regexp.last_match(1)
       end
       break if nounce
 
       fail_with(Failure::UnexpectedReply, 'Loop detected') if loop_dectector > 3
+
     end
 
     auth_data = {
@@ -192,7 +195,7 @@ def authenticate
     while res.redirect?
       loop_dectector += 1
       res = send_request_cgi(
-        'uri' => res.redirection.to_s,
+        'uri' => "#{res.redirection.path}?#{res.redirection.query}",
         'method' => 'GET',
         'headers' => {
           'Connection' => 'keep-alive'