id: sitecore-version info: name: Sitecore version detection author: bernardofsr severity: info reference: - https://www.cvedetails.com/vulnerability-list/vendor_id-9609/Sitecore.html tags: sitecore,tech http: - method: GET path: - "{{BaseURL}}/sitecore/shell/sitecore.version.xml" matchers-condition: and matchers: - type: status status: - 200 - type: word words: - "Sitecore Corporation" part: body extractors: - type: regex group: 1 regex: - "([0-9]+)" - type: regex group: 1 regex: - "([0-9]+)" - type: regex group: 1 regex: - "([0-9]+)" - type: regex group: 1 regex: - "([0-9]+)"