projectdiscovery · ritikchaddha · Feb 22, 2024 · Feb 22, 2024 · Feb 22, 2024
diff --git a/http/cves/2023/CVE-2023-42344.yaml b/http/cves/2023/CVE-2023-42344.yaml
@@ -1,8 +1,8 @@
 id: CVE-2023-42344
 
 info:
-  name: OpenCMS - Unauthenticated XXE
-  author: x0xr2r
+  name: OpenCMS - XML external entity (XXE)
+  author: 0xr2r
   severity: high
   description: |
     users can execute code without authentication.  An attacker can execute malicious requests on the OpenCms server. When the requests are successful vulnerable OpenCms can be exploited resulting in an unauthenticated XXE vulnerability. Based on research OpenCMS versions from 9.0.0 to 10.5.0 are vulnerable.
@@ -36,4 +36,4 @@ http:
           - "root:.*:0:0:"
           - "invalidArgument"
         condition: and
-# digest: 490a0046304402207109561f9ee225ddc24e0e2428763262bbd09665f2d2e30980f46c87af7476fd02206d213db222bf432261211cadb7e9cdc0f4431ad34f41a444becca4917fa9d2ec:922c64590222798bb761d5b6d8e72950
+# digest: 490a0046304402207109561f9ee225ddc24e0e2428763262bbd09665f2d2e30980f46c87af7476fd02206d213db222bf432261211cadb7e9cdc0f4431ad34f41a444becca4917fa9d2ec:922c64590222798bb761d5b6d8e72950