fscan/WebScan/pocs/spark-api-unauth.yml


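# Detection rule for a Spark REST submission endpoint that answers requests
# carrying no credentials. Indentation restored: as rendered, the nesting was
# flattened, so the rule fields and the block-scalar body sat at column 0 and
# the document did not parse as intended.
name: poc-yaml-spark-api-unauth
rules:
  # One read-only GET with no parameters or body; the rule only inspects the
  # error reply the server returns.
  - method: GET
    path: /v1/submissions
    # Matches only when all three hold: status 400 and both body markers.
    # Requiring "serverSparkVersion" alongside the error text ties the match
    # to a Spark response rather than any service that returns a generic 400.
    # NOTE(review): a hit shows the endpoint was reachable and replied without
    # authentication from the scanner's network position; it does not show
    # what else is restricted. Triage by disabling the REST submission server
    # where it is unused (spark.master.rest.enabled=false) and limiting
    # network access to the Spark master.
    expression: |
      response.status == 400 && response.body.bcontains(b"Missing an action") && response.body.bcontains(b"serverSparkVersion")
detail:
  author: betta(https://github.com/betta-cyber)
  links:
    - https://xz.aliyun.com/t/2490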