漏洞描述
Jira Service Desk Signup
jira-service-desk-signup: Jira Service Desk Signup
PoC代码[已公开]
id: jira-service-desk-signup
info:
name: Jira Service Desk Signup
author: TechbrunchFR
severity: medium
verified: false
description: |-
Jira Service Desk Signup
tags: jira,servicedesk,signup,unauth
created: 2023/07/07
rules:
r0:
request:
method: POST
path: /servicedesk/customer/user/signup
headers:
Content-Type: application/json
body: '{"email":"invalid","signUpContext":{},"secondaryEmail":"","usingNewUi":true}'
expression: response.status == 400 && response.body.bcontains(b'signup.validation.errors')
expression: r0()