From 2fa4382ef5426cbf78c30ef4daf7772ef5f62b4f Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran
Date: Fri, 2 Jul 2021 08:23:42 +0530
Subject: [PATCH] Create jfrog-unauth-build-exposed.yaml
---
.../other/jfrog-unauth-build-exposed.yaml | 34 +++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 vulnerabilities/other/jfrog-unauth-build-exposed.yaml
diff --git a/vulnerabilities/other/jfrog-unauth-build-exposed.yaml b/vulnerabilities/other/jfrog-unauth-build-exposed.yaml
new file mode 100644
index 0000000000..7ea549cdb9
--- /dev/null
+++ b/vulnerabilities/other/jfrog-unauth-build-exposed.yaml
@@ -0,0 +1,34 @@
+id: jfrog-unauth-build-exposed
+
+info:
+ name: JFrog Unauthentication Builds
+ author: dhiyaneshDK
+ severity: medium
+ tags: jfrog
+
+requests:
+ - raw:
+ - |
+ POST /ui/api/v1/global-search/builds?jfLoader=true HTTP/1.1
+ Host: {{Hostname}}
+ User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4271.0 Safari/537.36
+ X-Requested-With: XMLHttpRequest
+ Content-Type: application/json
+
+ {"name":"","before":"","after":"","direction":"desc","order_by":"date","num_of_rows":100}
+ matchers:
+ - type: word
+ words:
+ - "last_build_number"
+ - "build_name"
+ condition: and
+ part: body
+
+ - type: word
+ words:
+ - application/json
+ part: header
+
+ - type: status
+ status:
+ - 200
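Review bot: The three entries under `matchers:` have no `matchers-condition`, and nuclei combines matchers with `or` by default, so as written the status matcher alone would flag any host that answers 200 to this POST, and the header matcher any JSON response, whether or not build data comes back. Adding `matchers-condition: and` at the same indentation as `matchers:` makes a finding require the `last_build_number`/`build_name` body words, the JSON content type and the 200 status together, which keeps the result meaningful for whoever triages it. The `info` block would also benefit from a `description:` saying that build metadata is readable without authentication, ideally with a pointer to the remediation (presumably restricting anonymous access; confirm against the vendor documentation). The `name` would read more clearly as `JFrog Unauthenticated Build Exposed`.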