diff --git a/dast/vulnerabilities/xss/reflected-xss.yaml b/dast/vulnerabilities/xss/reflected-xss.yaml index f2c0249faee..d9a45d8038d 100644 --- a/dast/vulnerabilities/xss/reflected-xss.yaml +++ b/dast/vulnerabilities/xss/reflected-xss.yaml @@ -15,13 +15,21 @@ http: - pre-condition: - type: dsl dsl: + - 'method == "POST"' - 'method == "GET"' + condition: or payloads: reflection: - "'\"><{{first}}>" fuzzing: + - part: body + type: postfix + mode: single + fuzz: + - "{{url_encode(reflection)}}" + - part: query type: postfix mode: single @@ -47,4 +55,4 @@ http: part: content_type words: - "text/html" -# digest: 490a00463044022030f20275349609941dc22dc277024f1a68a1e0e01a361d80ec923d1ad1f838ea02202ba948e17d033abf38602d49193da8e3f7b801dde81371e9377af43c6002828a:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 490a00463044022030f20275349609941dc22dc277024f1a68a1e0e01a361d80ec923d1ad1f838ea02202ba948e17d033abf38602d49193da8e3f7b801dde81371e9377af43c6002828a:922c64590222798bb761d5b6d8e72950
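Review bot: The added `part: body` rule always sends `{{url_encode(reflection)}}`, which is the right encoding only for form-encoded POST bodies. In a JSON or multipart body the percent-encoded string would presumably be reflected undecoded, if at all, so the reflection matcher (outside this hunk) would miss it and the template would under-report. Either put the body rule in its own `http` entry whose pre-condition also checks the request's content type, or document the limit with a comment above the rule such as `# body payload is URL-encoded; effective for form-encoded POST bodies only`. The pre-condition now admits POST, so the template sends state-changing requests; the template's `info` block (not visible here) should say so, since operators choose scan scope from it. Separately, the `# digest:` value in the second hunk is identical before and after although the template content changed, so the signature will presumably fail verification until the template is re-signed.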