diff --git a/cves/2017/CVE-2017-12138.yaml b/cves/2017/CVE-2017-12138.yaml
index a6f3a42826..6a5302c798 100644
--- a/cves/2017/CVE-2017-12138.yaml
+++ b/cves/2017/CVE-2017-12138.yaml
@@ -14,14 +14,22 @@ info:
 cvss-score: 6.10
 cve-id: CVE-2017-12138
 cwe-id: CWE-601
- tags: cve,cve2017,redirect,xoops
+ tags: cve,cve2017,redirect,xoops,authenticated
 
 requests:
- - method: GET
- path:
- - '{{BaseURL}}/xoops/modules/profile/index.php?op=main&xoops_redirect=https:www.attacker.com'
+ - raw:
+ - |
+ POST /user.php HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: application/x-www-form-urlencoded
 
- stop-at-first-match: true
+ uname={{username}}&pass={{password}}&xoops_redirect=%2Findex.php&op=login
+
+ - |
+ GET /modules/profile/index.php?op=main&xoops_redirect=https:www.attacker.com HTTP/1.1
+ Host: {{Hostname}}
+
+ cookie-reuse: true
 matchers:
 - type: regex
 part: header
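Review bot: The login POST in the new `raw` block is never checked for success, so when `{{username}}`/`{{password}}` are missing or wrong the second request runs unauthenticated and the template simply does not match, which a scan report shows the same way as a patched host. At minimum the requirement should be documented, for example with a comment above `- raw:` such as `# Requires valid XOOPS credentials supplied as the username and password variables; a failed login produces no result, not a clean result.` The request targets also changed from `{{BaseURL}}/xoops/...` to root-anchored `/user.php` and `/modules/profile/index.php`, so installations under a sub-directory such as `/xoops` are presumably no longer covered; worth confirming that this is intended. The `matchers` block continues outside the hunk, so whether it is scoped to the second response cannot be confirmed from here.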