Merge pull request #9191 from projectdiscovery/name-change

Update CVE-2023-42344.yaml
projectdiscovery · Feb 22, 2024 · b954972 · b954972
2 parents 60ac59c + 2123c19
commit b954972
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/http/cves/2023/CVE-2023-42344.yaml b/http/cves/2023/CVE-2023-42344.yaml
@@ -1,8 +1,8 @@
 id: CVE-2023-42344
 
 info:
-  name: OpenCMS - Unauthenticated XXE
-  author: x0xr2r
+  name: OpenCMS - XML external entity (XXE)
+  author: 0xr2r
   severity: high
   description: |
     users can execute code without authentication.  An attacker can execute malicious requests on the OpenCms server. When the requests are successful vulnerable OpenCms can be exploited resulting in an unauthenticated XXE vulnerability. Based on research OpenCMS versions from 9.0.0 to 10.5.0 are vulnerable.
@@ -36,4 +36,4 @@ http:
           - "root:.*:0:0:"
           - "invalidArgument"
         condition: and
-# digest: 490a0046304402207109561f9ee225ddc24e0e2428763262bbd09665f2d2e30980f46c87af7476fd02206d213db222bf432261211cadb7e9cdc0f4431ad34f41a444becca4917fa9d2ec:922c64590222798bb761d5b6d8e72950
+# digest: 490a0046304402207109561f9ee225ddc24e0e2428763262bbd09665f2d2e30980f46c87af7476fd02206d213db222bf432261211cadb7e9cdc0f4431ad34f41a444becca4917fa9d2ec:922c64590222798bb761d5b6d8e72950