-
Notifications
You must be signed in to change notification settings - Fork 110
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #179 from sniperax/dev
CVE-2023-23752 Joomla! Webservice - Users,Passwords information disclosure
- Loading branch information
Showing
1 changed file
with
33 additions
and
0 deletions.
There are no files selected for viewing
33 changes: 33 additions & 0 deletions
33
vulnerabilities-CVEd/CVE-2023-23752-Joomla-information-disclosure.bcheck
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
#https://developer.joomla.org/security-centre/894-20230201-core-improper-access-check-in-webservice-endpoints.html | ||
#https://nvd.nist.gov/vuln/detail/CVE-2023-23552 | ||
|
||
metadata: | ||
language: v1-beta | ||
name: "CVE-2023-23752 Unauthenticated information disclosure" | ||
description: "Check for CVE-2023-23752" | ||
author: "sniperax" | ||
tags: "CVE-2023-23752","joomla","unauth","information","disclosure" | ||
|
||
define: | ||
base_path = "/" | ||
potential_path = "/api/index.php/v1/config/application?public=true" | ||
|
||
given host then | ||
send request called check1: | ||
method: "GET" | ||
path: {base_path} | ||
|
||
if "joomla-" in {check1.response.body} then | ||
send request called check2: | ||
method: "GET" | ||
path: {potential_path} | ||
|
||
if {check2.response.status_code} is "200" and "\"type\":\"application\"" in {check2.response.body} and "\"password\":" in {check2.response.body} then | ||
report issue: | ||
severity: high | ||
confidence: firm | ||
detail: "Title: Joomla! < 4.2.8 - Unauthenticated information disclosure" | ||
remediation: "Upgrade to the latest version of Joomla or upgrade to version > 4.2.8" | ||
end if | ||
|
||
end if |