From fed3ab7c9259fd87cfea023ca8000cd4228ba12c Mon Sep 17 00:00:00 2001 From: Andre Eleuterio Date: Fri, 18 Sep 2020 14:23:30 -0300 Subject: [PATCH] Update CVE-2020-15182 links and CWEs --- 2020/15xxx/CVE-2020-15182.json | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/2020/15xxx/CVE-2020-15182.json b/2020/15xxx/CVE-2020-15182.json index 7cafab1a3de..15ff83fff14 100644 --- a/2020/15xxx/CVE-2020-15182.json +++ b/2020/15xxx/CVE-2020-15182.json @@ -61,7 +61,15 @@ "description": [ { "lang": "eng", - "value": "{\"CWE-434\":\"Unrestricted Upload of File with Dangerous Type\"}" + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)" } ] } @@ -75,19 +83,9 @@ "url": "https://github.com/inunosinsi/soycms/security/advisories/GHSA-j2qw-747j-mfv4" }, { - "name": "https://github.com/inunosinsi/soycms/commit/41ec431007b702e77fb1e73d28e2d147ef8c844e", + "name": "https://github.com/inunosinsi/soycms/pull/15", "refsource": "MISC", - "url": "https://github.com/inunosinsi/soycms/commit/41ec431007b702e77fb1e73d28e2d147ef8c844e" - }, - { - "name": "https://github.com/inunosinsi/soycms/commit/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59", - "refsource": "MISC", - "url": "https://github.com/inunosinsi/soycms/commit/e4ef00677ed52f9e5a5fcfcb56b797f5412b5d59" - }, - { - "name": "https://saitodev.co/article/SOY_Inquiry%E3%81%A7RCE%28Remote_Code_Execution%29%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E5%AF%BE%E5%BF%9C%E3%81%97%E3%81%BE%E3%81%97%E3%81%9F", - "refsource": "MISC", - "url": "https://saitodev.co/article/SOY_Inquiry%E3%81%A7RCE%28Remote_Code_Execution%29%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E5%AF%BE%E5%BF%9C%E3%81%97%E3%81%BE%E3%81%97%E3%81%9F" + "url": "https://github.com/inunosinsi/soycms/pull/15" }, { "name": "https://youtu.be/ffvKH3gwyRE",