daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2018-8033.yaml

patch-1
Prince Chaddha 2022-06-20 21:55:31 +05:30 committed by GitHub
parent 60775ae290
commit 0692e185b9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cves/2018/CVE-2018-8033.yaml
View File

@ -4,7 +4,8 @@ info:
name: Apache OFBiz 16.11.04 - XML Entity Injection
author: pikpikcu
severity: high
description: Apache OFBiz 16.11.04 is susceptible to XML external entity injection (XXE injection).
description: |
Apache OFBiz 16.11.04 is susceptible to XML external entity injection (XXE injection).
reference:
- https://lists.apache.org/thread.html/e8fb551e86e901932081f81ee9985bb72052b4d412f23d89b1282777@%3Cuser.ofbiz.apache.org%3E
- https://nvd.nist.gov/vuln/detail/CVE-2018-8033
@ -29,9 +30,10 @@ requests:
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "root:.*:0:0:"
part: body
- type: status
status:
- 200