google / tsunami-security-scanner-plugins

This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
Apache License 2.0
860 stars 178 forks

add plugin CVE-2024-21650 #387

Open YuriyPobezhymov opened 5 months ago

YuriyPobezhymov commented 5 months ago

Hey,

This PR is for the Vuln Detector Plugin for https://nvd.nist.gov/vuln/detail/CVE-2024-21650 (see https://github.com/google/tsunami-security-scanner-plugins/issues/366).

In order to verify the vulnerability, I used two different Docker environment types, one for the vulnerable version and the other for the fixed version.

To get them, please clone https://github.com/xwiki/xwiki-docker.git. There are several versions of XWiki. I used all of them for testing purposes. The "15" folder contains the latest one.

I can show you how to prepare it for testing:

  1. Go to the folder with docker-compose.yml;
  2. There is a file .env that we can modify for our purposes;
  3. Rename the file to .env-true-negative;
  4. Create a copy of the file with the name .env-true-positive;
  5. Change the XWIKI_VERSION value inside it to a vulnerable one - in my case to 15.7.0 for the current folder.

To run the vulnerable version: docker-compose --env-file .env-true-positive -p xwiki-true-positive up -d

To run the fixed version: docker-compose --env-file .env-true-negative -p xwiki-true-negative up -d
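
The preparation steps from the comment above as a small script, added here as an example; it is not part of the PR or of the xwiki-docker repository. The function names are hypothetical, and it assumes `.env` holds a plain `XWIKI_VERSION=<value>` line.

```shell
#!/bin/sh
# Added example: builds the two env files used for true-positive /
# true-negative testing of a detector against XWiki in Docker.

# Print the XWIKI_VERSION value from an env file (assumes KEY=value lines).
env_version() { sed -n 's/^XWIKI_VERSION=//p' "$1"; }

# prepare_env_files DIR VULN_VERSION
# Steps 3-5: .env -> .env-true-negative, copy to .env-true-positive with the
# vulnerable version pinned. Safe to re-run; refuses inputs that would make
# the two environments identical.
prepare_env_files() {
    dir=$1; vuln=$2
    case $vuln in ''|*[!0-9A-Za-z.-]*)
        echo "bad version string: $vuln" >&2; return 1;; esac
    [ -f "$dir/docker-compose.yml" ] || {
        echo "no docker-compose.yml in $dir" >&2; return 1; }
    # Rename only on the first run, so a second run does not fail.
    if [ -f "$dir/.env" ] && [ ! -f "$dir/.env-true-negative" ]; then
        mv "$dir/.env" "$dir/.env-true-negative"
    fi
    [ -f "$dir/.env-true-negative" ] || {
        echo "no .env or .env-true-negative in $dir" >&2; return 1; }
    fixed=$(env_version "$dir/.env-true-negative")
    [ -n "$fixed" ] || {
        echo "XWIKI_VERSION not set in env file" >&2; return 1; }
    # A true-positive run against the fixed version would prove nothing.
    [ "$fixed" != "$vuln" ] || {
        echo "vulnerable and fixed versions are the same" >&2; return 1; }
    # Copy every other setting unchanged; replace only the version line.
    sed "s/^XWIKI_VERSION=.*/XWIKI_VERSION=$vuln/" \
        "$dir/.env-true-negative" > "$dir/.env-true-positive"
}

# start_stacks DIR: the two commands from the comment, run from DIR.
start_stacks() {
    ( cd "$1" &&
      docker-compose --env-file .env-true-positive -p xwiki-true-positive up -d &&
      docker-compose --env-file .env-true-negative -p xwiki-true-negative up -d )
}

# Usage (from a clone of xwiki-docker, inside one version folder):
#   prepare_env_files . 15.7.0 && start_stacks .
```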

YuriyPobezhymov commented 4 months ago

@tooryx any updates?

tooryx commented 4 months ago

Hi @YuriyPobezhymov,

We are catching up with the backlog, but we are a limited number of people. Please bear with us, we are getting there.

~tooryx

YuriyPobezhymov commented 3 weeks ago

@tooryx, why is the PR still pending? It was opened such a long time ago...