id: sitecore-version info: name: Sitecore version detection author: bernardofsr severity: info tags: sitecore,tech reference: https://www.cvedetails.com/vulnerability-list/vendor_id-9609/Sitecore.html requests: - method: GET path: - "{{BaseURL}}/sitecore/shell/sitecore.version.xml" matchers-condition: and matchers: - type: status status: - 200 - type: word words: - "Sitecore Corporation" part: body extractors: - type: regex group: 1 regex: - "([0-9]+)"