diff --git a/cves/CVE-2019-14974.yaml b/cves/CVE-2019-14974.yaml
index 2fa5d22358..b656992177 100644
--- a/cves/CVE-2019-14974.yaml
+++ b/cves/CVE-2019-14974.yaml
@@ -3,7 +3,7 @@ id: CVE-2019-14974
 info:
   name: SugarCRM Enterprise 9.0.0 - Cross-Site Scripting
   author: madrobot
-  severity: medium 
+  severity: low 
 
 requests:
   - method: GET
@@ -15,5 +15,5 @@ requests:
             - 200
       - type: word
         words:
-            - "1337"
+            - "url = window.location.search.split(\"?desktop_url=\")[1]"
         part: body
diff --git a/cves/CVE-2019-19368.yaml b/cves/CVE-2019-19368.yaml
index ea36cf815c..d3f6647704 100644
--- a/cves/CVE-2019-19368.yaml
+++ b/cves/CVE-2019-19368.yaml
@@ -15,5 +15,5 @@ requests:
             - 200
       - type: word
         words:
-            - "1337"
+            - "value=''><sVg/OnLoAD=alert`1337`//'>"
         part: body
diff --git a/vulnerabilities/moodle-filter-jmol-xss.yaml b/vulnerabilities/moodle-filter-jmol-xss.yaml
index 39920237f8..5f35d1a25c 100644
--- a/vulnerabilities/moodle-filter-jmol-xss.yaml
+++ b/vulnerabilities/moodle-filter-jmol-xss.yaml
@@ -15,5 +15,5 @@ requests:
             - 200
       - type: word
         words:
-            - "alert(1337)"
+            - "\"};alert(1337);//"
         part: body