Enhancement: cves/2022/CVE-2022-0415.yaml by md

cves/2022/CVE-2022-0415.yaml

@@ -1,16 +1,16 @@
 id: CVE-2022-0415
 
 info:
-  name: Gogs < 0.12.6 - Remote Command Execution
+  name: Gogs <0.12.6 - Remote Command Execution
   author: theamanrawat
   severity: high
   description: |
-    Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6.
+    Gogs before 0.12.6 is susceptible to remote command execution via the uploading repository file in GitHub repository gogs/gogs.
   reference:
     - https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-0415
     - https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902
-  remediation: Fixed in version 0.12.6
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0415
+  remediation: Fixed in version 0.12.6.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -79,7 +79,6 @@ requests:
 
         _csrf={{auth_csrf}}&tree_path=/.git/&files={{uuid}}&commit_summary=&commit_message=&commit_choice=direct&new_branch_name=
 
-
     cookie-reuse: true
     matchers-condition: and
     matchers:
@@ -115,3 +114,5 @@ requests:
         regex:
           - ' "uuid": "(.*)"'
         internal: true
+
+# Enhanced by md on 2023/03/28