From e12268f1de5ae4dc6151e83749db42399948c5d1 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Thu, 14 Jul 2022 08:30:40 +0000
Subject: [PATCH] Auto Generated CVE annotations [Thu Jul 14 08:30:40 UTC 2022]
 :robot:

---
 cves/2021/CVE-2021-29484.yaml | 6 +++---
 cves/2022/CVE-2022-1946.yaml  | 7 ++++++-
 cves/2022/CVE-2022-2290.yaml  | 5 +++++
 3 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/cves/2021/CVE-2021-29484.yaml b/cves/2021/CVE-2021-29484.yaml
index 937184490c..066c94b888 100644
--- a/cves/2021/CVE-2021-29484.yaml
+++ b/cves/2021/CVE-2021-29484.yaml
@@ -11,10 +11,10 @@ info:
     - https://www.npmjs.com/package/ghost
     - https://forum.ghost.org/t/critical-security-update-available-for-ghost-4-x/22290
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.1
+    cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
+    cvss-score: 6.8
     cve-id: CVE-2021-29484
-    cwe-id: CWE-79
+    cwe-id: CWE-79,CWE-79
   tags: cve,cve2021,xss,ghost
 
 requests:
diff --git a/cves/2022/CVE-2022-1946.yaml b/cves/2022/CVE-2022-1946.yaml
index 73bf0e716d..3bd3f2a941 100644
--- a/cves/2022/CVE-2022-1946.yaml
+++ b/cves/2022/CVE-2022-1946.yaml
@@ -9,9 +9,14 @@ info:
     - https://wpscan.com/vulnerability/0903920c-be2e-4515-901f-87253eb30940
     - https://wordpress.org/plugins/gallery-album
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1946
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-1946
+    cwe-id: CWE-79
   metadata:
-    verified: true
     google-dork: inurl:"/wp-content/plugins/gallery-album/"
+    verified: "true"
   tags: cve,cve2022,wp-plugin,xss,wp,wordpress,gallery,unauth
 
 requests:
diff --git a/cves/2022/CVE-2022-2290.yaml b/cves/2022/CVE-2022-2290.yaml
index 24af792d3f..23e4bc464f 100644
--- a/cves/2022/CVE-2022-2290.yaml
+++ b/cves/2022/CVE-2022-2290.yaml
@@ -10,6 +10,11 @@ info:
     - https://github.com/zadam/trilium
     - https://nvd.nist.gov/vuln/detail/CVE-2022-2290
     - https://github.com/zadam/trilium/commit/3faae63b849a1fabc31b823bb7af3a84d32256a7
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-2290
+    cwe-id: CWE-79
   metadata:
     shodan-query: title:"Trilium Notes"
     verified: "true"