Update apache-ofbiz-log4j-rce.yaml

vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml

@@ -8,14 +8,15 @@ info:
     Apache OFBiz is affected by a remote code execution vulnerability in the bundled Apache Log4j logging library. Apache Log4j is vulnerable due to insufficient protections on message lookup substitutions when dealing with user controlled input. A remote, unauthenticated attacker can exploit this, via a web request, to execute arbitrary code with the permission level of the running Java process.
   reference:
     - https://issues.apache.org/jira/browse/OFBIZ-12449
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
     - https://ofbiz.apache.org/
+    - https://logging.apache.org/log4j/2.x/security.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-44228
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
     cvss-score: 10.0
     cwe-id: CWE-77
   remediation: Upgrade to Apache OFBiz version 8.12.03 or later.
-  tags: ofbiz,oast,log4j,rce,apache,jndi
+  tags: cve,cve2021,ofbiz,oast,log4j,rce,apache,jndi
 
 requests:
   - raw: