From 04ba7d4df1452ba2770b1a8f4c5a21947ad80539 Mon Sep 17 00:00:00 2001
From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com>
Date: Thu, 19 May 2022 12:50:07 -0400
Subject: [PATCH] Enhancement: cves/2022/CVE-2022-26352.yaml by mp
---
 cves/2022/CVE-2022-26352.yaml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/cves/2022/CVE-2022-26352.yaml b/cves/2022/CVE-2022-26352.yaml
index 711cc65c7a..873f7f0e6c 100644
--- a/cves/2022/CVE-2022-26352.yaml
+++ b/cves/2022/CVE-2022-26352.yaml
@@ -1,10 +1,10 @@
 id: CVE-2022-26352
 info:
- name: DotCMS Arbitrary File Upload
+ name: DotCMS - Arbitrary File Upload
 author: h1ei1
 severity: critical
- description: There is an arbitrary file upload vulnerability in the /api/content/ path of the DotCMS management system, and attackers can upload malicious Trojans to obtain server permissions.
+ description: DotCMS management system contains an arbitrary file upload vulnerability via the /api/content/ path which can allow attackers to upload malicious Trojans to obtain server permissions.
 reference:
 - https://blog.assetnote.io/2022/05/03/hacking-a-bank-using-dotcms-rce/
 - https://github.com/h1ei1/POC/tree/main/CVE-2022-26352
@@ -39,3 +39,5 @@ requests:
 - 'contains(body_2, "CVE-2022-26352")'
 - 'status_code_2 == 200'
 condition: and
+
+# Enhanced by mp on 2022/05/19
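Review bot: The reworded `description` still gives the impact as uploading "malicious Trojans to obtain server permissions", which does not tell a triager what a hit means. The first reference on the page is about RCE, so wording such as `description: DotCMS contains an arbitrary file upload vulnerability in the /api/content/ path that can allow an attacker to write files to the server and achieve remote code execution.` would be clearer. The visible lines carry no affected-version range or `remediation` entry. The `info` block continues past this hunk, so they may already exist there; if not, they are worth adding so a critical finding ships with a fix path.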
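Review bot: The matcher `contains(body_2, "CVE-2022-26352")` relies on a fixed marker string, which weakens the detection. A host that reflects the request path in a 200 response, or one that still holds a file left by an earlier scan, could match even after it has been patched. The requests and the start of the matchers block are outside this hunk, so this is inferred from the matcher alone. If the first request writes that literal, generating the marker per run (for example with nuclei's `{{randstr}}`) and matching on it would tie the result to the current scan. The new trailing comment `# Enhanced by mp on 2022/05/19` repeats what the commit metadata already records and could be dropped.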