Instances of ColumbiaSoft’s Document Locator prior to version 7.2 SP4 and 2021.1 are vulnerable to an Improper Authentication/SSRF vulnerability. This template identifies vulnerable instances of the ColumbiaSoft Document Locater application by confirming external DNS interaction/lookups by modifying the value of the client-side SERVER parameter at /api/authentication/login.
View the template here CVE-2023-5830.yaml
References:
https://github.com/advisories/GHSA-j89v-wm7x-4434