From a3e5df6df675bb3d604f3002e55e087439bcc083 Mon Sep 17 00:00:00 2001
From: Prince Chaddha
Date: Mon, 6 Nov 2023 12:50:52 +0530
Subject: [PATCH] fixed FP in CVE-2021-28164
---
 http/cves/2021/CVE-2021-28164.yaml | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/http/cves/2021/CVE-2021-28164.yaml b/http/cves/2021/CVE-2021-28164.yaml
index b4b21e083c..70fcb0154f 100644
--- a/http/cves/2021/CVE-2021-28164.yaml
+++ b/http/cves/2021/CVE-2021-28164.yaml
@@ -28,7 +28,22 @@ info:
 product: jetty
 tags: vulhub,cve,cve2021,jetty,packetstorm
+flow: http(1) && http(2)
+
 http:
+ - method: GET
+ path:
+ - "{{BaseURL}}/WEB-INF/web.xml"
+
+ matchers:
+ - type: word
+ part: body
+ words:
+ - ""
+ - "java.sun.com"
+ condition: and
+ negative: true
+
 - method: GET
 path:
 - "{{BaseURL}}/%2e/WEB-INF/web.xml"
@@ -50,4 +65,3 @@ http:
 - type: status
 status:
 - 200
-# digest: 4a0a00473045022003bd30c55fa8f2e8218980f1f802ddce02e1e25293900726d57eadc8c2759046022100fa7059b3d4b3cb1dad34c592c72b8dad29b0ba964e8b70f6521e92155b602359:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
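Review bot: The first entry of `words` in the new baseline request is shown as an empty string `""`, which every response body contains, so with `condition: and` the negative matcher in effect tests only for `java.sun.com`; if a second web.xml marker was intended there (it may have been lost when this page was rendered), it should be restored or the entry dropped. The baseline also has no status matcher, and a deployment descriptor that declares a newer schema namespace would not contain `java.sun.com`, so a directly readable web.xml of that kind would still pass `http(1)`; whether that still produces a false positive depends on the second request's matchers, which begin outside this hunk. A short comment above the new request, such as `# Baseline: skip targets where web.xml is already readable without the %2e prefix`, would record why `flow` requires both requests.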