Update rules/linux/initial_access_apache_struts_cve_2023_50164_exploitation_to_webshell.toml

Author: terrancedejesus

rules/linux/initial_access_apache_struts_cve_2023_50164_exploitation_to_webshell.toml

@@ -64,7 +64,7 @@ sequence by agent.id with maxspan=10s
 [network where data_stream.dataset == "network_traffic.http" and
     http.request.method == "POST" and
     http.request.body.content like "*WebKitFormBoundary*" and
-    url.path like "*upload*.action"]
+    url.path like~ "*upload*.action"]
 [file where event.dataset == "endpoint.events.file" and
     host.os.type == "linux" and
     event.action == "creation" and