json-web-services-api<\\/title>.*" - type: word part: header words: - "text/html" - type: status status: - 200 # digest: 4a0a004730450220695acea3dabd2798ea3196ba5e992e1ca3b9a927e506737a04d37d52bda6a1f60221009a1ff695b57debd14af1db8bb486405e481b05c6d874cc70df01602e02bf1a8e:922c64590222798bb761d5b6d8e72950

id: liferay-jsonws

info:
  name: Liferay /api/jsonws - API Exposed
  author: DhiyaneshDk
  severity: low
  description: Liferay /api/jsonws - API is Exposed.
  reference:
    - https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LiferayAPI.java
    - https://liferay.dev/blogs/-/blogs/securing-the-api-jsonws-ui?_com_liferay_blogs_web_portlet_BlogsPortlet_showFlags=true&scroll=_com_liferay_blogs_web_portlet_BlogsPortlet_discussionContainer
  classification:
    cpe: cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: liferay
    product: liferay_portal
    shodan-query: title:"Liferay"
  tags: liferay,exposure,api,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/api/jsonws"

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - ".*<title>json-web-services-api<\\/title>.*"

      - type: word
        part: header
        words:
          - "text/html"

      - type: status
        status:
          - 200
# digest: 4a0a004730450220695acea3dabd2798ea3196ba5e992e1ca3b9a927e506737a04d37d52bda6a1f60221009a1ff695b57debd14af1db8bb486405e481b05c6d874cc70df01602e02bf1a8e:922c64590222798bb761d5b6d8e72950