From ddf8cc65270c2adca3064839940e7b526e814a90 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Thu, 1 Sep 2022 13:07:46 +0530
Subject: [PATCH] Update CVE-2021-46073.yaml

---
 cves/2021/CVE-2021-46073.yaml | 40 +++++++++++++++++------------------
 1 file changed, 20 insertions(+), 20 deletions(-)
diff --git a/cves/2021/CVE-2021-46073.yaml b/cves/2021/CVE-2021-46073.yaml
index 2b541329c5..a3a483161a 100644
--- a/cves/2021/CVE-2021-46073.yaml
+++ b/cves/2021/CVE-2021-46073.yaml
@@ -1,25 +1,24 @@
 id: CVE-2021-46073
+
 info:
-  name: Vehicle Service Management System - 'User List' Stored Cross Site Scripting (XSS)
+  name: Vehicle Service Management System - Cross Site Scripting
   author: TenBird
-  severity: Medium
-  description: A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.
+  severity: medium
+  description: |
+    A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-46068
+    - https://github.com/plsanu/Vehicle-Service-Management-System-User-List-Stored-Cross-Site-Scripting-XSS
+    - https://www.plsanu.com/vehicle-service-management-system-user-list-stored-cross-site-scripting-xss
+    - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-46073
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 4.8
     cve-id: CVE-2021-46073
-    cwe-id: CWE-79
-  tags: cve,cve2021,Stored XSS,Cross-Site-Script
+  metadata:
+    verified: true
+  tags: cve,cve2021,xss,vms,authenticated
 
 requests:
   - raw:
-
-      - |
-        GET /vehicle_service/admin/login.php HTTP/1.1
-        Host: {{Hostname}}
-
       - |
         POST /vehicle_service/classes/Login.php?f=login HTTP/1.1
         Host: {{Hostname}}
@@ -38,14 +37,15 @@ requests:
         GET /vehicle_service/admin/?page=user/list HTTP/1.1
         Host: {{Hostname}}
 
+    req-condition: true
     redirects: true
+    max-redirects: 2
     cookie-reuse: true
     matchers-condition: and
     matchers:
-      - type: status
-        status:
-          - 200
-      - type: word
-        part: body
-        words:
-          - '"><script>alert(document.domain)</script>'
\ No newline at end of file
+      - type: dsl
+        dsl:
+          - "contains(all_headers_3, 'text/html')"
+          - "status_code_3 == 200"
+          - 'contains(body_3, "<script>alert(document.domain)</script> Test</td>")'
+        condition: and
