id: sitecore-version
info:
name: Sitecore version detection
author: bernardofsr
severity: info
reference:
- https://www.cvedetails.com/vulnerability-list/vendor_id-9609/Sitecore.html
tags: sitecore,tech
metadata:
max-request: 1
http:
- method: GET
path:
- "{{BaseURL}}/sitecore/shell/sitecore.version.xml"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "Sitecore Corporation"
part: body
extractors:
- type: regex
group: 1
regex:
- "([0-9]+)"
- type: regex
group: 1
regex:
- "([0-9]+)"
- type: regex
group: 1
regex:
- "([0-9]+)"
- type: regex
group: 1
regex:
- "([0-9]+)"