nuclei-templates/cves/2020/CVE-2020-9496.yaml

46 lines
1.4 KiB
YAML

id: CVE-2020-9496
info:
name: Apache OFBiz XML-RPC Java Deserialization
author: dwisiswant0
severity: medium
description: XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
reference:
- http://packetstormsecurity.com/files/158887/Apache-OFBiz-XML-RPC-Java-Deserialization.html
- http://packetstormsecurity.com/files/161769/Apache-OFBiz-XML-RPC-Java-Deserialization.html
- https://securitylab.github.com/advisories/GHSL-2020-069-apache_ofbiz
- https://s.apache.org/l0994
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2020-9496
cwe-id: CWE-79,CWE-502
tags: cve,cve2020,apache,java,ofbiz
requests:
- raw:
- |
POST /webtools/control/xmlrpc HTTP/1.1
Host: {{Hostname}}
Origin: http://{{Hostname}}
Content-Type: application/xml
<?xml version="1.0"?><methodCall><methodName>ProjectDiscovery</methodName><params><param><value>dwisiswant0</value></param></params></methodCall>
matchers-condition: and
matchers:
- type: word
words:
- "faultString"
- "No such service [ProjectDiscovery]"
- "methodResponse"
condition: and
part: body
- type: word
words:
- "Content-Type: text/xml"
part: header
- type: status
status:
- 200