Severity Update (#11413)

projectdiscovery · Dec 26, 2024 · fa18425 · fa18425
1 parent 050d1dd
commit fa18425
Show file tree

Hide file tree

Showing 14 changed files with 14 additions and 14 deletions.
diff --git a/dast/vulnerabilities/ssti/oob/blade-oob.yaml b/dast/vulnerabilities/ssti/oob/blade-oob.yaml
@@ -3,7 +3,7 @@ id: blade-oob
 info:
   name: Laravel Blade 11.27.2 - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://laravel.com/docs/11.x/blade
     - https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756

diff --git a/dast/vulnerabilities/ssti/oob/bottle-oob.yaml b/dast/vulnerabilities/ssti/oob/bottle-oob.yaml
@@ -3,7 +3,7 @@ id: bottle-oob
 info:
   name: Bottle - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://bottlepy.org/docs/dev/
     - https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756

diff --git a/dast/vulnerabilities/ssti/oob/chameleon-oob.yaml b/dast/vulnerabilities/ssti/oob/chameleon-oob.yaml
@@ -3,7 +3,7 @@ id: chameleon-oob
 info:
   name: Chameleon - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://chameleon.readthedocs.io/en/latest/
     - https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756

diff --git a/dast/vulnerabilities/ssti/oob/dotjs-oob.yaml b/dast/vulnerabilities/ssti/oob/dotjs-oob.yaml
@@ -3,7 +3,7 @@ id: dotjs-oob
 info:
   name: DotJS - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://github.com/olado/doT
     - https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756

diff --git a/dast/vulnerabilities/ssti/oob/ejs-underscore-oob.yaml b/dast/vulnerabilities/ssti/oob/ejs-underscore-oob.yaml
@@ -3,7 +3,7 @@ id: ejs-underscore-oob
 info:
   name: Ejs AND Underscore - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://ejs.co/
     - https://underscorejs.org/

diff --git a/dast/vulnerabilities/ssti/oob/erb-erubi-erubis-oob.yaml b/dast/vulnerabilities/ssti/oob/erb-erubi-erubis-oob.yaml
@@ -3,7 +3,7 @@ id: erb-erubi-erubis-oob
 info:
   name: Erb OR Erubi OR Erubis - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://rubygems.org/gems/erb
     - https://rubygems.org/gems/erubis

diff --git a/dast/vulnerabilities/ssti/oob/freemarker-oob.yaml b/dast/vulnerabilities/ssti/oob/freemarker-oob.yaml
@@ -3,7 +3,7 @@ id: freemarker-oob
 info:
   name: Freemarker 2.3.33 - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://mvnrepository.com/artifact/org.freemarker/freemarker
     - https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756

diff --git a/dast/vulnerabilities/ssti/oob/groovy-oob.yaml b/dast/vulnerabilities/ssti/oob/groovy-oob.yaml
@@ -3,7 +3,7 @@ id: groovy-oob
 info:
   name: Groovy - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://docs.groovy-lang.org/
     - https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756

diff --git a/dast/vulnerabilities/ssti/oob/jinja2-oob.yaml b/dast/vulnerabilities/ssti/oob/jinja2-oob.yaml
@@ -3,7 +3,7 @@ id: jinja2-oob
 info:
   name: Jinja2 - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://pypi.org/project/Jinja2/
     - https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756

diff --git a/dast/vulnerabilities/ssti/oob/latte-oob.yaml b/dast/vulnerabilities/ssti/oob/latte-oob.yaml
@@ -3,7 +3,7 @@ id: latte-oob
 info:
   name: Latte 3.0.20 - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://github.com/nette/latte
     - https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756

diff --git a/dast/vulnerabilities/ssti/oob/mako-oob.yaml b/dast/vulnerabilities/ssti/oob/mako-oob.yaml
@@ -3,7 +3,7 @@ id: mako-oob
 info:
   name: Mako - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://www.makotemplates.org/
     - https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756

diff --git a/dast/vulnerabilities/ssti/oob/pugjs-oob.yaml b/dast/vulnerabilities/ssti/oob/pugjs-oob.yaml
@@ -3,7 +3,7 @@ id: pugjs-oob
 info:
   name: Pug.js - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://pugjs.org/
     - https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756

diff --git a/dast/vulnerabilities/ssti/oob/tornado-oob.yaml b/dast/vulnerabilities/ssti/oob/tornado-oob.yaml
@@ -3,7 +3,7 @@ id: tornado-oob
 info:
   name: Tornado - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://www.tornadoweb.org/en/stable/guide/templates.html
     - https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756

diff --git a/dast/vulnerabilities/ssti/oob/velocityjs-oob.yaml b/dast/vulnerabilities/ssti/oob/velocityjs-oob.yaml
@@ -3,7 +3,7 @@ id: velocityjs-oob
 info:
   name: VelocityJS 2.0.6 - Out of Band Template Injection
   author: 0xAwali,DhiyaneshDK
-  severity: unknown
+  severity: high
   reference:
     - https://www.npmjs.com/package/velocityjs
     - https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756