mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 18:27:17 +00:00
1.0 KiB
1.0 KiB
CVE-2023-26256
Description
An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu & Themes" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjFooterNavigationConfig endpoint, it is possible to traverse and read the file system.
POC
Reference
Github
- https://github.com/0x7eTeam/CVE-2023-26256
- https://github.com/ARPSyndicate/cvemon
- https://github.com/aodsec/CVE-2023-26256
- https://github.com/csdcsdcsdcsdcsd/CVE-2023-26256
- https://github.com/jcad123/CVE-2023-26256
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/qs119/CVE-2023-26256
- https://github.com/xhs-d/CVE-2023-26256