From bd1c118205e9c13e3f1600a03814a77ab7b76025 Mon Sep 17 00:00:00 2001
From: lokiuox <saviosisco@gmail.com>
Date: Wed, 28 Aug 2024 23:47:44 +0200
Subject: [PATCH] More lax version string detection

---
 .../detectors/cves/cve202434102/MagentoCosmicStingXxe.java     | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/doyensec/detectors/magento_cosmicsting_xxe/src/main/java/com/google/tsunami/plugins/detectors/cves/cve202434102/MagentoCosmicStingXxe.java b/doyensec/detectors/magento_cosmicsting_xxe/src/main/java/com/google/tsunami/plugins/detectors/cves/cve202434102/MagentoCosmicStingXxe.java
index 32bebec5f..25e5a6c60 100644
--- a/doyensec/detectors/magento_cosmicsting_xxe/src/main/java/com/google/tsunami/plugins/detectors/cves/cve202434102/MagentoCosmicStingXxe.java
+++ b/doyensec/detectors/magento_cosmicsting_xxe/src/main/java/com/google/tsunami/plugins/detectors/cves/cve202434102/MagentoCosmicStingXxe.java
@@ -166,8 +166,7 @@ private String detectMagentoVersion(NetworkService networkService) {
 
     try {
       HttpResponse response = this.httpClient.send(req, networkService);
-      if (response.status().code() == HttpStatus.OK.code()
-          && response.bodyString().orElse("").startsWith("Magento")) {
+      if (response.status() == HttpStatus.OK && response.bodyString().orElse("").contains("Magento")) {
         String version = response.bodyString().get();
         logger.atInfo().log("Detected Magento version: '%s'", version);
         return version;