PRP: SharePoint Pre-Auth RCE chain #339
Comments
|
if the server is vulnerable to JWT authentication bypass with none algorithm method and also if there is a default client id |
|
Hi @secureness, Thanks for your request! This vulnerability is in scope for the reward program. Please submit our participation form and you can start working on the development. Please keep in mind that the Tsunami Scanner Team will only be able to work at one issue at a time for each participant so please hold on the implementation work for any other requests you might have. Thanks! |
|
Hi @secureness, I have labeled your other issues as "Contributor queue" for now. We are enforcing more strictly the one review per contributor as we cannot keep up with review otherwise. We will review this plugin and then dequeue the other ones progressively. I choose this plugin because it seems to me to be the one that would be the fastest to merge, but let me know if you would prefer to go with the F5 or VMWare ones. If you think I incorrectly labeled one of the issues, please let me know. |
tooryx
added
the
Contributor main
|
I understand, but I also felt that getting the sharepoint one merged would be faster (because I will take us longer to reproduce the VMWare one internally). But it is totally up to you. Just let me know which one you would like to prioritize. |
tooryx
added
Contributor queue
Hi, I have a vulnerable version of the SharePoint server and want to implement a tsunami plugin.
ref: https://starlabs.sg/blog/2023/09-sharepoint-pre-auth-rce-chain/
The text was updated successfully, but these errors were encountered: