Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-50720 PoC — XWiki Platform 信息泄露漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-50720.yaml
Associated Vulnerability
Title:XWiki Platform 信息泄露漏洞 (CVE-2023-50720)
Description:XWiki Platform是XWiki基金会的一套用于创建Web协作应用程序的Wiki平台。 XWiki Platform 存在信息泄露漏洞,该漏洞源于即使启用了电子邮件地址混淆,XWiki 中基于 Solr 的搜索也会泄露用户的电子邮件地址。
Description
The Solr-based search in XWiki discloses the email addresses of users even when obfuscation of email addresses is enabled. To demonstrate the vulnerability, search for objcontent:email* using XWiki's regular search interface.
File Snapshot

 id: CVE-2023-50720

info:
  name: XWiki < 4.10.15 - Email Disclosure
  author: ritikchaddha
  severi

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.