POST Method is not working with -dast [-dast only works with GET] #5991

Open
1 task done
megaman777 opened this issue Jan 16, 2025 · 0 comments
Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.

Comments

@megaman777

Is there an existing issue for this?

  • I have searched the existing issues.

Current Behavior

Hi, I hope you are doing well!
I would like to report an issue where the POST method is not working with the -dast argument.

id: xss-dast

info:
  name: Reflected XSS in parameters
  author: mega7
  severity: medium
  tags: xss,dast

http:
  - pre-condition:
      - type: dsl
        dsl:
          - 'method == "POST"' ## Here we are

    payloads:
      reflection:
        - "megaman%22%3e%3cmegaman"
        - "megaman%22megaman"
        - "megaman7%3emegaman"
        - "megaman%3c7megaman"

    fuzzing:
      - part: query
        type: postfix
        mode: single
        fuzz:
          - "{{reflection}}"

      - part: path
        type: postfix
        mode: single
        fuzz:
          - "{{reflection}}"

    redirects: false
    extractors:
      - type: regex
        part: body
        regex:
        - 'megaman"><megaman'
        - 'megaman"megaman'
        - "megaman7>megaman"
        - "megaman<7megaman"
  • Another thing to look at is to encode dast/vulnerabilities/xss/reflected-xss.yaml payloads:
    payloads:
      reflection:
        - "'\"><{{first}}>"
        - "'><{{first}}>"
        - "\"><{{first}}>"

Thanks and have a nice day!

Expected Behavior

Current Behavior

Steps To Reproduce

Current Behavior

Relevant log output

Environment

- OS: Linux localhost 5.15.167.4-microsoft-standard-WSL2 #1 SMP Tue Nov 5 00:21:55 UTC 2024 x86_64 GNU/Linux
- Nuclei: v3.3.8
- Go: go version go1.23.4 linux/amd64

Anything else?

Thanks!

@megaman777 megaman777 added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Jan 16, 2025
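For reference when triaging, here is an added sketch (not nuclei's code and not part of the original report) of what the template above would be expected to produce for a POST input: one fuzzed URL per query parameter and payload, with the extractors applied to the response body. It assumes the documented meaning of `type: postfix` and `mode: single`; the sample URL is constructed.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, unquote

# Values copied from the template in the issue.
PAYLOADS = [
    "megaman%22%3e%3cmegaman",
    "megaman%22megaman",
    "megaman7%3emegaman",
    "megaman%3c7megaman",
]
EXTRACTORS = [
    r'megaman"><megaman',
    r'megaman"megaman',
    r"megaman7>megaman",
    r"megaman<7megaman",
]
SAMPLE_URL = "http://app.example.test/search?q=a&lang=en"  # constructed input


def fuzz_query_single_postfix(method, url):
    """Simplified model of `part: query, type: postfix, mode: single`,
    gated by the template's pre-condition (assumed semantics)."""
    if method != "POST":  # pre-condition: method == "POST"
        return []
    parts = urlsplit(url)
    params = parse_qsl(parts.query, keep_blank_values=True)
    fuzzed = []
    for i in range(len(params)):       # single: one parameter at a time
        for payload in PAYLOADS:       # postfix: append to existing value
            query = "&".join(
                f"{n}={v + payload if j == i else v}"
                for j, (n, v) in enumerate(params)
            )
            fuzzed.append(urlunsplit(parts._replace(query=query)))
    return fuzzed


def payloads_match_extractors():
    """Each URL-decoded payload must be matched by its same-index regex."""
    return all(re.search(rx, unquote(p)) for p, rx in zip(PAYLOADS, EXTRACTORS))


def extract_reflections(body):
    """Return the extractor patterns that match a response body."""
    return [rx for rx in EXTRACTORS if re.search(rx, body)]
```

A body that reflects the marker HTML-escaped (`&quot;&gt;&lt;`) matches none of the extractors, so only unescaped reflection is reported.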