vpatch-CVE-2023-6360 AppSec Rule

« vpatch-CVE-2023-6360 »
v0.1 by crowdsecurity
AppSec rule

WordPress My Calendar - SQL Injection (CVE-2023-6360)

Installation

cscli appsec-rules install crowdsecurity/vpatch-CVE-2023-6360

YAML Configuration

1name: crowdsecurity/vpatch-CVE-2023-6360
2description: "WordPress My Calendar - SQL Injection (CVE-2023-6360)"
3rules:
4  - and:
5    - zones:
6      - METHOD
7      match:
8        type: equals
9        value: GET
10    - zones:
11      - ARGS
12      variables:
13      - rest_route
14      match:
15        type: contains
16        value: my-calendar/v1/events
17    - zones:
18      - ARGS
19      variables:
20      - from
21      match:
22        type: libinjectionSQL
23
24labels:
25  type: exploit
26  service: http
27  confidence: 3
28  spoofable: 0
29  behavior: "http:exploit"
30  label: "WordPress My Calendar - SQL Injection"
31  references:
32    - https://medium.com/tenable-techblog/wordpress-mycalendar-plugin-unauthenticated-sql-injection-cve-2023-6360-d272887ddf12
33  classification:
34   - cve.CVE-2023-6360
35   - attack.T1595
36   - attack.T1190
37   - cwe.CWE-89

Hub Appsec rule

« vpatch-CVE-2023-6360 »v0.1 by crowdsecurityAppSec rule

« vpatch-CVE-2023-6360 »
v0.1 by crowdsecurity
AppSec rule