updated matcher

2021-08-03 20:14:14 +05:30 · 2021-08-03 20:14:14 +05:30 · 1b5420bc4b
parent f59905ced2
commit 1b5420bc4b
1 changed files with 8 additions and 6 deletions
--- a/cves/2021/CVE-2021-37216.yaml
+++ b/cves/2021/CVE-2021-37216.yaml
@ -17,18 +17,20 @@ requests:
      - "{{BaseURL}}/http_header.php"
    headers:
      X-Trigger-XSS: "<script>alert(1)</script>"
+
    matchers-condition: and
    matchers:
+
      - type: word
        part: body
        words:
-          - "\"HTTP_X_TRIGGER_XSS\":\"<script>alert(1)</script>\""
+          - '"HTTP_X_TRIGGER_XSS":"<script>alert(1)</script>"'
+
      - type: word
        part: header
        words:
          - "text/html"
-      - type: word
-        part: header
-        words:
-          - "X-XSS-Protection"
-        negative: true
+
+      - type: dsl
+        dsl:
+          - "!contains(tolower(all_headers), 'x-xss-protection')"