From c95c75f5d6ca89a37be5a8d92fbf2e4dfa2d78f9 Mon Sep 17 00:00:00 2001
From: wy876 <139549762+wy876@users.noreply.github.com>
Date: Thu, 26 Oct 2023 20:28:27 +0800
Subject: [PATCH] =?UTF-8?q?Update=20JumpServer=E6=9C=AA=E6=8E=88=E6=9D=83?=
 =?UTF-8?q?=E6=BC=8F=E6=B4=9E.md?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 JumpServer未授权漏洞.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/JumpServer未授权漏洞.md b/JumpServer未授权漏洞.md
index 8e265f0..24533b1 100644
--- a/JumpServer未授权漏洞.md
+++ b/JumpServer未授权漏洞.md
@@ -5,7 +5,10 @@
 
 3.6.0 <= JumpServer <= 3.6.3
 
-
+## fofa
+```
+icon_hash="-1162630024"
+```
 ## POC
 
 JumpServer 是一款开源的堡垒机。 在JumpServer受影响版本中，由于/api/v1/terminal/sessions/接口没有添加权限认证，未授权的攻击者可以通过访问/api/v1/terminal/sessions/?limit=1，获取堡垒机terminal的session信息