patch-1
Dhiyaneshwaran 2023-11-23 17:26:24 +05:30 committed by GitHub
parent bf6b248497
commit 97d92e76e7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions

@ -8,7 +8,7 @@ info:
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2023-26347
- https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html
- https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html
remediation: |
Update to the latest version of Adobe Coldfusion
classification:
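Review bot: The remediation text kept as context in this hunk, "Update to the latest version of Adobe Coldfusion", is too vague to act on and spells the product differently from the description ("ColdFusion"). The description already names 2023.5 and 2021.11 as the last affected releases, so the remediation should point readers at the fixed updates listed in the APSB23-52 bulletin that the references cite. The helpx.adobe.com reference line reads identically before and after in this view, so the edit appears to be whitespace-only; the commit title "patch-1" should say so.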
@ -32,7 +32,7 @@ http:
- raw:
- |
GET /hax/..CFIDE/adminapi/administrator.cfc?method=getBuildNumber&_cfclient=true HTTP/1.1
Host: {{Hostname}}
Host: {{Hostname}}
matchers-condition: and
matchers:
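Review bot: The "Host: {{Hostname}}" line sits inside the "- |" block scalar of the raw request, where indentation is part of the content: it has to line up with the GET line above it, otherwise the header is sent with leading spaces or the scalar ends early and the YAML no longer parses. The removed and added lines look identical here, so the change is presumably that indentation or a trailing-whitespace fix. Please confirm by loading the template through validation before merging, and mention the whitespace correction in the commit message.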