Publish GHSA-j2v2-3784-vr44

Author: advisory-database[bot]

advisories/github-reviewed/2024/12/GHSA-j2v2-3784-vr44/GHSA-j2v2-3784-vr44.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-j2v2-3784-vr44",
-  "modified": "2024-12-18T22:02:19Z",
+  "modified": "2025-01-23T23:32:20Z",
   "published": "2024-12-18T21:30:56Z",
   "withdrawn": "2024-12-18T22:02:19Z",
   "aliases": [],
   "summary": "Duplicate Advisory: openCart Server-Side Template Injection (SSTI) vulnerability",
   "details": "## Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-xrh7-2gfq-4rcq. This link is maintained to preserve external references.\n\n## Original Description\nOpenCart 4.0.2.3 is vulnerable to Server-Side Template Injection (SSTI) via the Theme Editor Function.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [
     {
       "package": {
@@ -42,6 +47,10 @@
       "type": "WEB",
       "url": "https://github.com/A3h1nt/CVEs/blob/main/OpenCart/Readme.md"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/PawaritSanguanpang/CVEs/blob/main/OpenCart/CVE-2024-36694/README.md"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/opencart/opencart/releases/tag/4.0.2.3"
@@ -52,8 +61,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": "MODERATE",
+    "cwe_ids": [
+      "CWE-94"
+    ],
+    "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2024-12-18T22:02:19Z",
     "nvd_published_at": "2024-12-18T20:15:22Z"