From 4eff79955ef4a83b57c8bf7c35ce313e090c96b3 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Thu, 20 Oct 2022 02:38:01 +0530
Subject: [PATCH] Update mobileiron-log4j-jndi-rce.yaml

---
 vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml b/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml
index d327f0d8a1..b1a3848c40 100644
--- a/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml
+++ b/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml
@@ -38,6 +38,11 @@ requests:
         words:
           - "dns"
 
+      - type: word
+        part: location
+        words:
+          - '/mifs/user/login.jsp?error=1'
+
       - type: regex
         part: interactsh_request
         regex:
@@ -49,5 +54,3 @@ requests:
         group: 1
         regex:
           - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+'  # Print extracted ${hostName} in output
-
-# Enhanced by cs on 2022/02/28