Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Cornerstone OnDemand Panel - Detect

By kannthu

Vidoc logoVidoc Module

What is the "Cornerstone OnDemand Panel - Detect?"

The "Cornerstone OnDemand Panel - Detect" module is designed to detect the presence of the Cornerstone OnDemand panel. Cornerstone OnDemand is a software platform that provides learning and talent management solutions for organizations. This module focuses on identifying the panel and provides information about its configuration or vulnerabilities.

This module has an informative severity level, which means it provides valuable insights and information but does not pose an immediate threat.

Author: righettod


The impact of the Cornerstone OnDemand panel detection module is primarily informational. It helps users identify the presence of the panel and gain insights into its configuration or potential vulnerabilities. This information can be used to assess the security posture of the Cornerstone OnDemand implementation and take appropriate actions to mitigate any identified risks.

How does the module work?

The "Cornerstone OnDemand Panel - Detect" module works by analyzing the HTML body of the target website and searching for specific keywords associated with the Cornerstone OnDemand panel. The module uses the following matching conditions:

Matcher 1: 
- Part: body
- Type: word
- Words: csod-custom, csodcommon
- Negative: false
- Condition: or

This means that if any of the keywords "csod-custom" or "csodcommon" are found in the HTML body, the module will consider the Cornerstone OnDemand panel to be present.

The module does not send any HTTP requests itself, but rather analyzes the response received from the target website.

Example of a matching condition:

  <div class="csod-custom">

In this example, the module would detect the presence of the Cornerstone OnDemand panel based on the presence of the "csod-custom" class in the HTML body.

Module preview

Concurrent Requests (0)
Passive global matcher
word: csod-custom, csodcommon
On match action
Report vulnerability