Enhancement: cves/2020/CVE-2020-13942.yaml by mp

cves/2020/CVE-2020-13942.yaml

@@ -1,18 +1,19 @@
 id: CVE-2020-13942
 
 info:
-  name: Apache Unomi Remote Code Execution
+  name: Apache Unomi <1.5.2 - Remote Code Execution
   author: dwisiswant0
   severity: critical
   description: |
-    Remote Code Execution in Apache Unomi.
     Apache Unomi allows conditions to use OGNL and MVEL scripting which
     offers the possibility to call static Java classes from the JDK
     that could execute code with the permission level of the running Java process.
-    This vulnerability affects all versions of Apache Unomi prior to 1.5.2. Apache Unomi users should upgrade to 1.5.2 or later.
+    This vulnerability affects all versions of Apache Unomi prior to 1.5.2.
+  remediation: Apache Unomi users should upgrade to 1.5.2 or later.
   reference:
     - https://securityboulevard.com/2020/11/apache-unomi-cve-2020-13942-rce-vulnerabilities-discovered/
     - https://twitter.com/chybeta/status/1328912309440311297
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-13942
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -61,4 +62,6 @@ requests:
           - "(profile|session)(Id|Properties|Segments)"
           - "[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"
         condition: and
-        part: body
+        part: body
+
+# Enhanced by mp on 2022/05/16