diff --git a/CHANGELOG b/CHANGELOG
index aa4576b40..3e6590df7 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 #Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE][GH#1220] Fix bug in http-vuln-cve2006-3392 that prevented the script to
+  generate the vulnerability report correctly. [rewardone]
+
 o [NSE][GH#1218] Fix bug related to screen rendering in NSE library tn3270. This
   patch also improves the brute force script tso-brute. [mainframed]
 
diff --git a/scripts/http-vuln-cve2006-3392.nse b/scripts/http-vuln-cve2006-3392.nse
index d5edc7622..b9fd44eba 100644
--- a/scripts/http-vuln-cve2006-3392.nse
+++ b/scripts/http-vuln-cve2006-3392.nse
@@ -74,6 +74,6 @@ to bypass the removal of "../" directory traversal sequences.
   if detection_session and detection_session.status == 200 then
     vuln.state = vulns.STATE.EXPLOIT
     stdnse.debug1(detection_session.body)
-    return vuln_report:make_output(detection_session.body)
+    return vuln_report:make_output(vuln)
   end
 end