diff --git a/http/cves/2021/CVE-2021-21234.yaml b/http/cves/2021/CVE-2021-21234.yaml
index 8b8663c2bf..6ffa6177f5 100644
--- a/http/cves/2021/CVE-2021-21234.yaml
+++ b/http/cves/2021/CVE-2021-21234.yaml
@@ -14,6 +14,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2021-21234
     - https://github.com/lukashinsch/spring-boot-actuator-logview/commit/760acbb939a8d1f7d1a7dfcd51ca848eea04e772
     - https://github.com/lukashinsch/spring-boot-actuator-logview/commit/1c76e1ec3588c9f39e1a94bf27b5ff56eb8b17d6
+    - https://blog.csdn.net/qq_39583774/article/details/123023770#t5
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 7.7
@@ -42,12 +43,14 @@ http:
     matchers:
       - type: dsl
         dsl:
+          - "contains(header,'text/plain')"
           - "regex('root:.*:0:0:', body)"
           - "status_code == 200"
         condition: and
 
       - type: dsl
         dsl:
+          - "contains(header,'text/plain')"
           - "contains(body, 'bit app support')"
           - "contains(body, 'fonts')"
           - "contains(body, 'extensions')"