nuclei-templates/http/vulnerabilities/jira/jira-unauthenticated-user-p...

27 lines
721 B
YAML

id: jira-unauthenticated-user-picker
info:
name: Jira Unauthenticated User Picker
author: TechbrunchFR
severity: info
metadata:
max-request: 1
shodan-query: http.component:"Atlassian Jira"
product: jira_data_center
vendor: atlassian
tags: atlassian,jira
classification:
cpe: cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*
http:
- method: GET
path:
- "{{BaseURL}}/secure/popups/UserPickerBrowser.jspa"
matchers:
- type: word
words:
- 'user-picker'
# digest: 490a0046304402200087bccdda4eb25b5110e1333de30442f5744e55aa8f2b5db3cf5d01c54e3837022068d85868176036eb3b1420b5aa186064b791ca1486a60f7e1c8fed872ad1f402:922c64590222798bb761d5b6d8e72950