daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2020-7961.yaml

patch-1
Prince Chaddha 2021-09-09 11:46:54 +05:30 committed by GitHub
parent 43b45a7b63
commit 90eba9d883
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cves/2020/CVE-2020-7961.yaml
View File

@ -7,6 +7,7 @@ info:
tags: cve,cve2020,rce,liferay
description: Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).
reference:
- https://www.synacktiv.com/en/publications/how-to-exploit-liferay-cve-2020-7961-quick-journey-to-poc.html
- https://codewhitesec.blogspot.com/2020/03/liferay-portal-json-vulns.html
- https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/117954271
@ -43,4 +44,4 @@ requests:
part: body
regex:
- "Microsoft Windows (.*)"
- "Distributor ID: (.*)"
- "Distributor ID: (.*)"