Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-27986 PoC — SonarSource SonarQube 安全漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/SonarQube%20values%20%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E%20CVE-2020-27986.md
Associated Vulnerability
Title:SonarSource SonarQube 安全漏洞 (CVE-2020-27986)
Description:SonarSource SonarQube是瑞士SonarSource公司的一套开源的代码质量管理系统。 SonarQube 8.4.2.36762版本存在安全漏洞,攻击者可利用该漏洞通过api设置值URI发现明文SMTP、SVN和GitLab凭证。
File Snapshot

 # SonarQube values 信息泄露漏洞 CVE-2020-27986

## 漏洞描述

SonarQube 某接口存在信息泄露漏洞,可以获取部分敏感信息

## 漏洞影响

```
So

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.