/claim #14576 feat: Add high-quality CVE-2018-8581 template with High-Fidelity NTLM Validation

PR Information

This PR adds a high-quality Nuclei template for CVE-2018-8581, a Microsoft Exchange Server Elevation of Privilege vulnerability (also known as PrivExchange).

The template has been refined to avoid weak matchers by enforcing a strict "and" condition between the OAST (Interactsh) interaction and the successful SOAP SubscribeResponse. This ensures that common Exchange headers alone do not trigger a false positive.

Additional Details

This PR supersedes #14578, addressing the requirement for a realistic vulnerable environment.

Vulnerable Environment Validation: The previous mock environment has been upgraded to a High-Fidelity NTLM Simulation.

  • It correctly implements the 4-way NTLM handshake (Type 1 -> Type 2 Challenge -> Type 3).
  • It processes the SOAP request only after successful NTLM (or Basic) authentication.
  • It triggers the OAST interaction upon successful XML parsing.

Result: Vulnerability Detected (2 matches: Interactsh + SOAP Success).

Patched Environment Validation: Tested against a mock server simulating the DisablePushNotifications mitigation (returns ErrorPushNotificationsDisabled). Result: No Vulnerability Detected (0 matches).

Nuclei Debug Output (Vulnerable):

[INF] [CVE-2018-8581] Dumped HTTP request
POST /ews/exchange.asmx HTTP/1.1
Authorization: Basic dGVzdDp0ZXN0
[DBG] [CVE-2018-8581] Dumped HTTP response
HTTP/1.1 200 OK
...
<m:SubscribeResponse xmlns:m="...">
...
<m:ResponseCode>NoError</m:ResponseCode>
...
</m:SubscribeResponse>
[INF] Received HTTP interaction from ...

References:

(Verified against High-Fidelity Environment)
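The matcher logic described in the PR text above, as an added Python sketch (not the PR's template and not ProjectDiscovery code): it reports a finding only when an out-of-band callback and a SubscribeResponse with ResponseCode NoError are both present. The response bodies, the placeholder namespace and all function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample bodies. The namespace URI is a placeholder, not taken from the page.
NS = "urn:example:ews-messages"

def _subscribe_body(code):
    return (f'<m:SubscribeResponse xmlns:m="{NS}"><m:ResponseMessages>'
            f'<m:SubscribeResponseMessage><m:ResponseCode>{code}</m:ResponseCode>'
            f'</m:SubscribeResponseMessage></m:ResponseMessages></m:SubscribeResponse>')

VULNERABLE = _subscribe_body("NoError")
PATCHED = _subscribe_body("ErrorPushNotificationsDisabled")
UNRELATED = "<html><title>Outlook</title></html>"  # non-EWS page on the same host

def _local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on qualified tags."""
    return tag.rsplit("}", 1)[-1]

def subscribe_succeeded(body):
    """True only if a SubscribeResponse is present and every ResponseCode is NoError."""
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        return False
    for el in root.iter():
        if _local(el.tag) == "SubscribeResponse":
            codes = [c.text for c in el.iter() if _local(c.tag) == "ResponseCode"]
            return bool(codes) and all(c == "NoError" for c in codes)
    return False

def verdict(body, oast_hit):
    """Strict AND: report only when the callback and the SOAP success agree."""
    return bool(oast_hit) and subscribe_succeeded(body)

def run_cases():
    return {
        "vulnerable": verdict(VULNERABLE, True),
        "soap ok, no callback": verdict(VULNERABLE, False),
        "patched": verdict(PATCHED, False),
        "stray callback, non-EWS body": verdict(UNRELATED, True),
    }

if __name__ == "__main__":
    for name, hit in run_cases().items():
        print(f"{name:32} -> {'MATCH' if hit else 'no match'}")
```

Only the first case matches; the other three show the single-signal situations that an "or" condition would have reported.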

Claim

Total prize pool $100
Total paid $0
Status Pending
Submitted December 31, 2025
Last updated December 31, 2025

Contributors

thefuturrjfhejh

@thefuturrjfhejh

100%

Sponsors

ProjectDiscovery

@projectdiscovery

$100