CVE-2019-6793 PoC — GitLab 代码问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-6793.yaml

Associated Vulnerability

Title:GitLab 代码问题漏洞 (CVE-2019-6793)
Description:GitLab是美国GitLab公司的一款使用Ruby on Rails开发的、自托管的、Git（版本控制系统）项目仓库应用程序。该程序可用于查阅项目的文件内容、提交历史、Bug列表等。 GitLab（企业版）11.5.8之前版本、11.6.6之前的11.6.x版本和11.7.1之前的11.7.x版本中的Jira integration功能存在代码问题漏洞。该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。

Description

An issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The Jira integration feature is vulnerable to an unauthenticated blind SSRF issue.

File Snapshot


 id: CVE-2019-6793

info:
  name: GitLab Enterprise Edition - Server-Side Request Forgery
  author: r

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!