Merge pull request #6823 from sullo/severity-matching

Match severity with CVSS
2023-03-15 20:48:33 +05:30 · 2023-03-15 20:48:33 +05:30 · 2b5c3c48cc
parent e518430a82 91a3e38f7d
commit 2b5c3c48cc
61 changed files with 221 additions and 287 deletions
--- a/cnvd/2021/CNVD-2021-10543.yaml
+++ b/cnvd/2021/CNVD-2021-10543.yaml
@ -4,12 +4,12 @@ info:
  name: EEA - Information Disclosure
  author: pikpikcu
  severity: high
-  description: EEA is susceptible to information disclosure.
+  description: EEA is susceptible to information disclosure including the username and password.
  reference:
    - https://www.cnvd.org.cn/flaw/show/CNVD-2021-10543
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
    cwe-id: CWE-200
  tags: config,exposure,cnvd,cnvd2021

--- a/default-logins/lutron/lutron-default-login.yaml
+++ b/default-logins/lutron/lutron-default-login.yaml
@ -1,17 +1,17 @@
 id: lutron-default-login

 info:
-  name: Lutron - Default Login
+  name: Lutron - Default Account
  author: geeknik
-  severity: high
+  severity: critical
  description: Multiple Lutron devices contain a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
  reference:
    - https://www.lutron.com
    - https://vulners.com/openvas/OPENVAS:1361412562310113206
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
-    cvss-score: 5.8
-    cwe-id: CWE-522
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cwe-id: CWE-1391
  tags: default-login,lutron,iot

 requests:
--- a/default-logins/ruckus/ruckus-wireless-default-login.yaml
+++ b/default-logins/ruckus/ruckus-wireless-default-login.yaml
@ -8,9 +8,9 @@ info:
  reference:
    - https://docs.commscope.com/bundle/fastiron-08092-securityguide/page/GUID-32D3BB01-E600-4FBE-B555-7570B5024D34.html
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
-    cvss-score: 8.3
-    cwe-id: CWE-522
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cwe-id: CWE-1391
  metadata:
    verified: true
    shodan-query: title:"ruckus"
--- a/exposed-panels/mybb/mybb-forum-install.yaml
+++ b/exposed-panels/mybb/mybb-forum-install.yaml
@ -6,8 +6,8 @@ info:
  severity: high
  description: MyBB installation panel was detected.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
+    cvss-score: 8.6
    cwe-id: CWE-200
  metadata:
    verified: true
--- a/exposed-panels/osticket/osticket-install.yaml
+++ b/exposed-panels/osticket/osticket-install.yaml
@ -3,12 +3,12 @@ id: osticket-install
 info:
  name: osTicket Installer Panel - Detect
  author: ritikchaddha
-  severity: high
+  severity: critical
  description: osTicket installer panel was detected.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
-    cwe-id: CWE-200
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
+    cvss-score: 9.4
+    cwe-id: CWE-284
  metadata:
    verified: true
    shodan-query: http.title:"osTicket Installer"
--- a/exposed-panels/saltstack-config-panel.yaml
+++ b/exposed-panels/saltstack-config-panel.yaml
@ -7,7 +7,7 @@ info:
  description: |
    SaltStack config panel was detected.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
  metadata:
--- a/exposed-panels/solr-panel-exposure.yaml
+++ b/exposed-panels/solr-panel-exposure.yaml
@ -6,8 +6,8 @@ info:
  severity: info
  description: Apache Solr admin panel was detected.
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
-    cvss-score: 8.6
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
    cwe-id: CWE-200
  metadata:
    verified: true
--- a/exposed-panels/wagtail-cms-detect.yaml
+++ b/exposed-panels/wagtail-cms-detect.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: The Wagtail panel has been detected.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
  metadata:
--- a/exposures/apis/couchbase-buckets-api.yaml
+++ b/exposures/apis/couchbase-buckets-api.yaml
@ -3,7 +3,7 @@ id: couchbase-buckets-api
 info:
  name: Couchbase Buckets Unauthenticated REST API - Detect
  author: geeknik
-  severity: info
+  severity: medium
  description: Couchbase Buckets REST API without authentication was detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
--- a/exposures/configs/django-variables-exposed.yaml
+++ b/exposures/configs/django-variables-exposed.yaml
@ -10,9 +10,9 @@ info:
    - https://docs.djangoproject.com/en/1.11/topics/logging/#django-security
    - https://github.com/projectdiscovery/nuclei-templates/blob/master/file/logs/django-framework-
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
-    cwe-id: CWE-200exceptions.yaml
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
  metadata:
    verified: true
  tags: exposure,config,django
--- a/exposures/configs/gruntfile-exposure.yaml
+++ b/exposures/configs/gruntfile-exposure.yaml
@ -8,8 +8,8 @@ info:
  reference:
    - https://gruntjs.com/sample-gruntfile
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
    cwe-id: CWE-200
  tags: config,exposure

--- a/exposures/configs/htpasswd-detection.yaml
+++ b/exposures/configs/htpasswd-detection.yaml
@ -3,12 +3,12 @@ id: htpasswd-detection
 info:
  name: Apache htpasswd Config - Detect
  author: geeknik
-  severity: info
+  severity: high
  description: Apache htpasswd configuration was detected.
  reference: https://httpd.apache.org/docs/current/programs/htpasswd.html
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
    cwe-id: CWE-200
  tags: config,exposure

--- a/exposures/configs/httpd-config.yaml
+++ b/exposures/configs/httpd-config.yaml
@ -7,8 +7,8 @@ info:
  description: Apache httpd configuration information was detected.
  reference: https://httpd.apache.org/docs/current/configuring.html
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
    cwe-id: CWE-200
  tags: config,exposure,httpd

--- a/exposures/configs/jetbrains-datasources.yaml
+++ b/exposures/configs/jetbrains-datasources.yaml
@ -7,8 +7,8 @@ info:
  description: Jetbrains IDE DataSources configuration information was detected.
  reference: https://www.jetbrains.com
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
    cwe-id: CWE-200
  tags: config,exposure,jetbrains

--- a/exposures/configs/keycloak-openid-config.yaml
+++ b/exposures/configs/keycloak-openid-config.yaml
@ -8,8 +8,8 @@ info:
  reference:
    - https://issues.jboss.org/browse/KEYCLOAK-571
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
    cwe-id: CWE-200
  tags: keycloak,config

--- a/exposures/configs/netbeans-config.yaml
+++ b/exposures/configs/netbeans-config.yaml
@ -8,8 +8,8 @@ info:
  reference:
    - https://netbeans.apache.org/
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
    cwe-id: CWE-200
  tags: netbeans,config,exposure

--- a/exposures/configs/owncloud-config.yaml
+++ b/exposures/configs/owncloud-config.yaml
@ -8,8 +8,8 @@ info:
  reference:
    - https://owncloud.com/
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
    cwe-id: CWE-200
  tags: config,exposure

--- a/exposures/configs/package-json.yaml
+++ b/exposures/configs/package-json.yaml
@ -7,8 +7,8 @@ info:
  description: npm configuration information was detected. All npm packages contain a file, usually in the project root, called package.json - this file holds various metadata relevant to the project.
  reference: https://www.npmjs.com
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
    cwe-id: CWE-200
  tags: config,exposure

--- a/exposures/configs/phpsec-config.yaml
+++ b/exposures/configs/phpsec-config.yaml
@ -7,8 +7,8 @@ info:
  description: phpspec configuration information was detected.
  reference: https://phpspec.net/en/stable/cookbook/configuration.html
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
    cwe-id: CWE-200
  metadata:
    verified: true
--- a/exposures/configs/pipfile-config.yaml
+++ b/exposures/configs/pipfile-config.yaml
@ -7,8 +7,8 @@ info:
  description: Pipfile configuration information was detected.
  reference: https://pypi.org/project
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
    cwe-id: CWE-200
  metadata:
    verified: true
--- a/exposures/configs/rubocop-config.yaml
+++ b/exposures/configs/rubocop-config.yaml
@ -9,8 +9,8 @@ info:
    - https://raw.githubusercontent.com/maurosoria/dirsearch/master/db/dicc.txt
    - https://github.com/rubocop/rubocop
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
    cwe-id: CWE-200
  metadata:
    verified: true
--- a/iot/lutron-iot-default-login.yaml
+++ b/iot/lutron-iot-default-login.yaml
@ -1,39 +0,0 @@
-id: lutron-iot-default-login
-
-info:
-  name: Lutron IOT Device Default Login Panel - Detect
-  author: geeknik
-  severity: high
-  description: Lutron IOT Device Default login panel was detected.
-  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
-    cwe-id: CWE-200
-  reference:
-    - https://www.lutron.com
-  tags: iot,default-login,lutron,panel
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/login?login=lutron&password=lutron"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "<TITLE>LUTRON</TITLE>"
-          - ">DeviceIP</A>"
-          - ">Get Database Info as XML</A>"
-        condition: and
-
-      - type: word
-        part: header
-        words:
-          - "text/html"
-
-      - type: status
-        status:
-          - 200
-
-# Enhanced by mp on 2023/01/29
--- a/miscellaneous/addeventlistener-detect.yaml
+++ b/miscellaneous/addeventlistener-detect.yaml
@ -1,27 +0,0 @@
-id: addeventlistener-detect
-
-info:
-  name: DOM EventListener - Cross-Site Scripting
-  author: yavolo,dwisiswant0
-  severity: info
-  description: EventListener contains a cross-site scripting vulnerability via the document object model (DOM). An attacker can execute arbitrary script which can then allow theft of cookie-based authentication credentials and launch of  other attacks.
-  reference:
-    - https://portswigger.net/web-security/dom-based/controlling-the-web-message-source
-  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
-  tags: xss,misc
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers:
-      - type: regex
-        part: body
-        regex:
-          - (([\w\_]+)\.)?add[Ee]vent[Ll]istener\(["']?[\w\_]+["']? # Test cases: https://www.regextester.com/?fam=121118
-
-# Enhanced by md on 2022/09/19
--- a/misconfiguration/command-api-explorer.yaml
+++ b/misconfiguration/command-api-explorer.yaml
@ -3,7 +3,7 @@ id: command-api-explorer
 info:
  name: Command API Explorer Panel - Detect
  author: DhiyaneshDK
-  severity: low
+  severity: info
  description: Command API Explorer panel was detected.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
--- a/misconfiguration/dgraph-dashboard-exposure.yaml
+++ b/misconfiguration/dgraph-dashboard-exposure.yaml
@ -3,7 +3,7 @@ id: dgraph-dashboard-exposure
 info:
  name: Dgraph Ratel Dashboard Exposure Panel - Detect
  author: dhiyaneshDk
-  severity: low
+  severity: info
  description: Dgraph Ratel Dashboard Exposure panel was detected.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
--- a/misconfiguration/office365-open-redirect.yaml
+++ b/misconfiguration/office365-open-redirect.yaml
@ -3,9 +3,9 @@ id: office365-open-redirect
 info:
  name: Office365 Autodiscover - Open Redirect
  author: dhiyaneshDk
-  severity: low
+  severity: medium
  description: Office365 Autodiscover contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
-  remediation: See https://learn.microsoft.com/en-us/outlook/troubleshoot/connectivity/how-to-suppress-autodiscover-redirect-warning for a workaround.
+  remediation: See the workaround detailed in the Medium post in the references.
  reference:
    - https://medium.com/@heinjame/office365-open-redirect-from-autodiscover-64284d26c168
  classification:
--- a/misconfiguration/pghero-dashboard-exposure.yaml
+++ b/misconfiguration/pghero-dashboard-exposure.yaml
@ -3,11 +3,11 @@ id: pghero-dashboard-exposure
 info:
  name: PgHero Dashboard Exposure Panel - Detect
  author: DhiyaneshDk
-  severity: low
+  severity: medium
  description: PgHero Dashboard Exposure panel was detected.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
    cwe-id: CWE-200
  reference:
    - https://github.com/ankane/pghero
--- a/misconfiguration/unauth-fastvue-dashboard.yaml
+++ b/misconfiguration/unauth-fastvue-dashboard.yaml
@ -6,8 +6,8 @@ info:
  severity: medium
  description: Fastvue Dashboard panel was detected without authentication.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
+    cvss-score: 5.3
    cwe-id: CWE-200
  metadata:
    verified: true
--- a/network/mysql-native-password.yaml
+++ b/network/mysql-native-password.yaml
@ -8,8 +8,8 @@ info:
  reference:
    - https://github.com/Tinram/MySQL-Brute
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
    cwe-id: CWE-200
  tags: network,mysql,bruteforce,db

--- a/vulnerabilities/gnuboard/gnuboard-sms-xss.yaml
+++ b/vulnerabilities/gnuboard/gnuboard-sms-xss.yaml
@ -9,9 +9,9 @@ info:
    - https://sir.kr/g5_pds/4788?page=5
    - https://github.com/gnuboard/gnuboard5/commit/8182cac90d2ee2f9da06469ecba759170e782ee3
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  metadata:
    verified: true
    shodan-query: http.html:"Gnuboard"
--- a/vulnerabilities/gnuboard/gnuboard5-rxss.yaml
+++ b/vulnerabilities/gnuboard/gnuboard5-rxss.yaml
@ -10,9 +10,9 @@ info:
    - https://huntr.dev/bounties/ed317cde-9bd1-429e-b6d3-547e72534dd5/
    - https://vulners.com/huntr/25775287-88CD-4F00-B978-692D627DFF04
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  metadata:
    verified: true
    shodan-query: http.html:"gnuboard5"
--- a/vulnerabilities/gnuboard/gnuboard5-xss.yaml
+++ b/vulnerabilities/gnuboard/gnuboard5-xss.yaml
@ -9,9 +9,9 @@ info:
  reference:
    - https://huntr.dev/bounties/ad2a9b32-fe6c-43e9-9b05-2c77c58dde6a/
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  metadata:
    verified: true
    shodan-query: http.html:"gnuboard5"
--- a/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml
+++ b/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml
@ -8,9 +8,9 @@ info:
  reference:
    - https://www.dionach.com/blog/moodle-jmol-plugin-multiple-vulnerabilities/
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: moodle,xss

 requests:
--- a/vulnerabilities/moodle/moodle-xss.yaml
+++ b/vulnerabilities/moodle/moodle-xss.yaml
@ -9,9 +9,9 @@ info:
    - https://twitter.com/JacksonHHax/status/1391367064154042377
    - https://nvd.nist.gov/vuln/detail/CVE-2021-32478
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: moodle,xss

 requests:
--- a/vulnerabilities/other/carrental-xss.yaml
+++ b/vulnerabilities/other/carrental-xss.yaml
@ -10,9 +10,9 @@ info:
    - https://www.exploit-db.com/exploits/49546
    - https://www.sourcecodester.com/
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  metadata:
    verified: true
    shodan-query: http.html:"Car Rental Management System"
--- a/vulnerabilities/other/kavita-lfi.yaml
+++ b/vulnerabilities/other/kavita-lfi.yaml
@ -3,7 +3,7 @@ id: kavita-lfi
 info:
  name: Kavita - Local File Inclusion
  author: arafatansari
-  severity: medium
+  severity: high
  description: |
    Kavita - Path Traversal is vulnerable to local file inclusion via abusing the Path Traversal filename parameter of the /api/image/cover-upload.
  reference:
--- a/vulnerabilities/other/keycloak-xss.yaml
+++ b/vulnerabilities/other/keycloak-xss.yaml
@ -3,14 +3,14 @@ id: keycloak-xss
 info:
  name: Keycloak <= 8.0 - Cross-Site Scripting
  author: incogbyte
-  severity: info
+  severity: medium
  description: Keycloak 8.0 and prior contains a cross-site scripting vulnerability. An attacker can execute arbitrary script and thus steal cookie-based authentication credentials and launch other attacks.
  reference:
    - https://cure53.de/pentest-report_keycloak.pdf
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: keycloak,xss

 requests:
--- a/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml
+++ b/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml
@ -8,9 +8,9 @@ info:
  reference:
    - https://www.exploit-db.com/exploits/26305
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: edb,xss,squirrelmail,plugin

 requests:
--- a/vulnerabilities/squirrelmail/squirrelmail-vkeyboard-xss.yaml
+++ b/vulnerabilities/squirrelmail/squirrelmail-vkeyboard-xss.yaml
@ -8,9 +8,9 @@ info:
  reference:
    - https://www.exploit-db.com/exploits/34814
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: xss,squirrelmail,plugin,edb

 requests:
--- a/vulnerabilities/weaver/ecology/ecology-arbitrary-file-upload.yaml
+++ b/vulnerabilities/weaver/ecology/ecology-arbitrary-file-upload.yaml
@ -3,13 +3,13 @@ id: ecology-arbitrary-file-upload
 info:
  name: Ecology - Arbitrary File Upload
  author: ritikchaddha
-  severity: medium
+  severity: critical
  description: Ecology contains an arbitrary file upload vulnerability. An attacker can upload arbitrary files to the server, which in turn can be used to make the application execute file content as code, As a result, an attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  reference:
    - https://mp.weixin.qq.com/s/wH5luLISE_G381W2ssv93g
  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
-    cvss-score: 8.8
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
    cwe-id: CWE-434
  metadata:
    fofa-query: app="泛微-协同办公OA"
--- a/vulnerabilities/wordpress/404-to-301-xss.yaml
+++ b/vulnerabilities/wordpress/404-to-301-xss.yaml
@ -9,9 +9,9 @@ info:
    - https://wpscan.com/vulnerability/4a310b4f-79fa-4b74-93f8-e4522921abe1
    - https://wordpress.org/plugins/404-to-301
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wpscan,wp-plugin,xss,wp,wordpress,authenticated

 requests:
--- a/vulnerabilities/wordpress/analytify-plugin-xss.yaml
+++ b/vulnerabilities/wordpress/analytify-plugin-xss.yaml
@ -12,9 +12,9 @@ info:
    verified: true
    google-query: inurl:/wp-content/plugins/wp-analytify
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wp,wordpress,analytify,wpscan,wp-plugin,xss

 requests:
--- a/vulnerabilities/wordpress/avchat-video-chat-xss.yaml
+++ b/vulnerabilities/wordpress/avchat-video-chat-xss.yaml
@ -12,9 +12,9 @@ info:
  metadata:
    verified: true
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: xss,,wp,wpscan,wordpress,wp-plugin


--- a/vulnerabilities/wordpress/calameo-publications-xss.yaml
+++ b/vulnerabilities/wordpress/calameo-publications-xss.yaml
@ -13,9 +13,9 @@ info:
  metadata:
    verified: true
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wordpress,wp-plugin,xss,wp,wpscan

 requests:
--- a/vulnerabilities/wordpress/checkout-fields-manager-xss.yaml
+++ b/vulnerabilities/wordpress/checkout-fields-manager-xss.yaml
@ -11,9 +11,9 @@ info:
  metadata:
    verified: true
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: xss,wp,wordpress,authenticated,woocommerce,wpscan,wp-plugin

 requests:
--- a/vulnerabilities/wordpress/clearfy-cache-xss.yaml
+++ b/vulnerabilities/wordpress/clearfy-cache-xss.yaml
@ -9,9 +9,9 @@ info:
    - https://wpscan.com/vulnerability/a59e7102-13d6-4f1e-b7b1-75eae307e516
    - https://wordpress.org/plugins/clearfy
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: xss,wp,wordpress,authenticated,clearfy-cache,wpscan,wp-plugin

 requests:
--- a/vulnerabilities/wordpress/curcy-xss.yaml
+++ b/vulnerabilities/wordpress/curcy-xss.yaml
@ -11,9 +11,9 @@ info:
  metadata:
    verified: true
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wp-plugin,xss,wp,wordpress,authenticated,curcy,wpscan

 requests:
--- a/vulnerabilities/wordpress/flow-flow-social-stream-xss.yaml
+++ b/vulnerabilities/wordpress/flow-flow-social-stream-xss.yaml
@ -8,9 +8,9 @@ info:
  reference:
    - https://wpscan.com/vulnerability/8354b34e-40f4-4b70-bb09-38e2cf572ce9
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: xss,wordpress,wpscan

 requests:
--- a/vulnerabilities/wordpress/members-list-xss.yaml
+++ b/vulnerabilities/wordpress/members-list-xss.yaml
@ -8,9 +8,9 @@ info:
  reference:
    - https://wpscan.com/vulnerability/d13f26f0-5d91-49d7-b514-1577d4247648
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wp,wordpress,wp-plugin,xss,wpscan

 requests:
--- a/vulnerabilities/wordpress/modula-image-gallery-xss.yaml
+++ b/vulnerabilities/wordpress/modula-image-gallery-xss.yaml
@ -11,9 +11,9 @@ info:
  metadata:
    verified: true
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: authenticated,wpscan,wp-plugin,xss,wp,wordpress

 requests:
--- a/vulnerabilities/wordpress/new-user-approve-xss.yaml
+++ b/vulnerabilities/wordpress/new-user-approve-xss.yaml
@ -11,9 +11,9 @@ info:
  metadata:
    verified: true
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wordpress,xss,authenticated,wp-plugin,wpscan,wp

 requests:
--- a/vulnerabilities/wordpress/sassy-social-share.yaml
+++ b/vulnerabilities/wordpress/sassy-social-share.yaml
@ -9,9 +9,9 @@ info:
  reference:
    - https://wpscan.com/vulnerability/4631519b-2060-43a0-b69b-b3d7ed94c705
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: xss,wp,wpscan,wordpress,wp-plugin,sassy

 requests:
--- a/vulnerabilities/wordpress/seo-redirection-xss.yaml
+++ b/vulnerabilities/wordpress/seo-redirection-xss.yaml
@ -10,9 +10,9 @@ info:
  reference:
    - https://wpscan.com/vulnerability/b694b9c0-a367-468c-99c2-6ba35bcf21ea
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wordpress,xss,wp-plugin,authenticated,wpscan

 requests:
--- a/vulnerabilities/wordpress/shortpixel-image-optimizer-xss.yaml
+++ b/vulnerabilities/wordpress/shortpixel-image-optimizer-xss.yaml
@ -11,9 +11,9 @@ info:
  metadata:
    verified: true
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: shortpixel,authenticated,wpscan,xss,wp-plugin,wp,wordpress

 requests:
--- a/vulnerabilities/wordpress/woocommerce-pdf-invoices-xss.yaml
+++ b/vulnerabilities/wordpress/woocommerce-pdf-invoices-xss.yaml
@ -9,9 +9,9 @@ info:
    - https://wpscan.com/vulnerability/bc05dde0-98a2-46e3-b2c8-7bdc8c32394b
    - https://wordpress.org/plugins/woocommerce-pdf-invoices-packing-slips/
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: xss,wp,wordpress,woocommerce,authenticated,wpscan,wp-plugin

 requests:
--- a/vulnerabilities/wordpress/wordpress-wordfence-waf-bypass-xss.yaml
+++ b/vulnerabilities/wordpress/wordpress-wordfence-waf-bypass-xss.yaml
@ -8,9 +8,9 @@ info:
  reference:
    - https://twitter.com/naglinagli/status/1382082473744564226
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wordpress,wordfence,xss,bypass

 requests:
--- a/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
+++ b/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
@ -6,9 +6,9 @@ info:
  severity: medium
  description: WordPress Wordfence 7.4.6 is vulnerable to cross-site scripting.
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wordpress,wp-plugin,xss,wordfence

 requests:
--- a/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml
+++ b/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml
@ -10,9 +10,9 @@ info:
    - https://blog.wpscan.com/2021/02/15/zebra-form-xss-wordpress-vulnerability-affects-multiple-plugins.html
    - https://wpscan.com/vulnerability/e4b796fa-3215-43ff-a6aa-71f6e1db25e5
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wordpress,xss,wp,wpscan

 requests:
--- a/vulnerabilities/wordpress/wp-all-export-xss.yaml
+++ b/vulnerabilities/wordpress/wp-all-export-xss.yaml
@ -10,9 +10,9 @@ info:
  reference:
    - https://wpscan.com/vulnerability/de330a59-d64d-40be-86df-98997949e5e4
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wp-plugin,xss,wp,wordpress,authenticated,wpscan

 requests:
--- a/vulnerabilities/wordpress/wp-ambience-xss.yaml
+++ b/vulnerabilities/wordpress/wp-ambience-xss.yaml
@ -10,9 +10,9 @@ info:
    - https://www.exploit-db.com/expl oits/38568
    - https://wpscan.com/vulnerability/c465e5c1-fe43-40e9-894a-97b8ac462381
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wp-plugin,wp,edb,wpscan,wordpress,xss

 requests:
--- a/vulnerabilities/wordpress/wp-code-snippets-xss.yaml
+++ b/vulnerabilities/wordpress/wp-code-snippets-xss.yaml
@ -8,9 +8,9 @@ info:
  reference:
    - https://www.securify.nl/en/advisory/cross-site-scripting-in-code-snippets-wordpress-plugin/
  classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
-    cvss-score: 7.2
-    cwe-id: CWE-79
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 5.4
+    cwe-id: CWE-80
  tags: wordpress,xss,wp-plugin,authenticated

 requests: