Skip to content

Commit

Permalink
Update sonarqube-cve-2020-27986-unauth.yml (chaitin#1352)
Browse files Browse the repository at this point in the history 
* Update sonarqube-cve-2020-27986-unauth.yml

* Update sonarqube-cve-2020-27986-unauth.yml
  • Loading branch information
@harris2015
harris2015 authored Jul 6, 2021
1 parent ab52f99 commit f3d74f5
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion pocs/sonarqube-cve-2020-27986-unauth.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ rules:
- method: GET
path: "/api/settings/values"
expression: |
response.status == 200 && response.body.bcontains(bytes(string(b"sonaranalyzer-cs.nuget.packageVersion"))) && response.body.bcontains(bytes(string(b"sonar.core.id"))) && response.content_type.contains("application/json")
response.status == 200 && response.content_type.contains("application/json") && response.body.bcontains(bytes(string(b"sonaranalyzer-cs.nuget.packageVersion"))) && response.body.bcontains(bytes(string(b"sonar.core.id")))
detail:
author: pa55w0rd(www.pa55w0rd.online/)
Affected Version: "sonarqube < 8.4.2.36762"
Expand Down

0 comments on commit f3d74f5

Please sign in to comment.