daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added additional path for vulnerability.

patch-1
Sascha Brendel 2023-02-20 14:03:55 +01:00
parent 5a4b9c2893
commit b2a3300357
No known key found for this signature in database
GPG Key ID: 60AAEB9E012092C9
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cves/2023/CVE-2023-23752.yaml
View File

@ -2,7 +2,7 @@ id: CVE-2023-23752
info:
name: Joomla Improper AccessCheck in WebService Endpoint
author: badboycxcc
author: badboycxcc, Sascha Brendel
severity: high
description: |
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
@ -21,6 +21,7 @@ requests:
- method: GET
path:
- '{{BaseURL}}/api/index.php/v1/config/application?public=true'
- '{{BaseURL}}/api/v1/config/application?public=true'
matchers-condition: and
matchers: