Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-24763 PoC — JumpServer 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-24763.yaml
Associated Vulnerability
Title:JumpServer 安全漏洞 (CVE-2024-24763)
Description:Jumpserver是中国杭州飞致云信息科技有限公司的一款开源堡垒机。 JumpServer 3.10.0之前版本存在安全漏洞,该漏洞源于攻击者可以构建恶意链接引导用户点击,从而促成钓鱼攻击或跨站脚本攻击。
Description
JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to version 3.10.0, attackers can exploit this vulnerability to construct malicious links, leading users to click on them, thereby facilitating phishing attacks or cross-site scripting attacks. Version 3.10.0 contains a patch for this issue. No known workarounds are available.
File Snapshot

 id: CVE-2024-24763

info:
  name: JumpServer < 3.10.0 - Open Redirect
  author: ritikchaddha
  sever

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.