CVE‐2022‐39960 - carnal0wnage/J-PWN GitHub Wiki

CVE-2022-39960

Category: [Information Disclosure]

module name: check_cve_2022_39960

url: /plugins/servlet/groupexportforjira/admin/json POST Request

INFO: IN-DEVELOPMENT Checking for CVE-2022-39960 Netic Group Export Vulnerability
[Testing URL]: https://JIRASERVER/plugins/servlet/groupexportforjira/admin/json
- Redirected (302): https://JIRASERVER/plugins/servlet/groupexportforjira/admin/json
- Location Header: https://JIRASERVER/login.jsp?os_destination=https%3A%2F%2Fjira.chinacamel.com%2Fplugins%2Fservlet

[CG] Havent found a vulnerable one yet. will update with other responses

references:

https://github.com/projectdiscovery/nuclei-templates/blob/54d78a0552a78cccafa3435bbdd42dff4b568c27/http/cves/2022/CVE-2022-39960.yaml#L4
https://marketplace.atlassian.com/apps/1222388/group-export-for-jira/version-history
https://nvd.nist.gov/vuln/detail/CVE-2022-39960
https://github.com/ARPSyndicate/kenzer-templates
https://github.com/Henry4E36/POCS