From 3dcaf4fa44bfbc17814b694c093dd87fa81cd139 Mon Sep 17 00:00:00 2001
From: Ron Desmond <122939143+rhdesmond@users.noreply.github.com>
Date: Fri, 23 May 2025 10:26:10 -0700
Subject: [PATCH] Improve GHSA-jqqh-999x-w26w

---
 .../2022/05/GHSA-jqqh-999x-w26w/GHSA-jqqh-999x-w26w.json  | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/advisories/github-reviewed/2022/05/GHSA-jqqh-999x-w26w/GHSA-jqqh-999x-w26w.json b/advisories/github-reviewed/2022/05/GHSA-jqqh-999x-w26w/GHSA-jqqh-999x-w26w.json
index 0a4360854bdd5..a692d1ed57d9d 100644
--- a/advisories/github-reviewed/2022/05/GHSA-jqqh-999x-w26w/GHSA-jqqh-999x-w26w.json
+++ b/advisories/github-reviewed/2022/05/GHSA-jqqh-999x-w26w/GHSA-jqqh-999x-w26w.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-jqqh-999x-w26w",
-  "modified": "2024-09-13T15:10:34Z",
+  "modified": "2024-09-13T15:10:35Z",
   "published": "2022-05-02T03:40:27Z",
   "aliases": [
     "CVE-2009-2959"
@@ -9,10 +9,6 @@
   "summary": "Buildbot Cross-site scripting (XSS) vulnerability",
   "details": "Cross-site scripting (XSS) vulnerability in the waterfall web status view (`status/web/waterfall.py`) in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
   "severity": [
-    {
-      "type": "CVSS_V3",
-      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
-    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"
@@ -32,7 +28,7 @@
               "introduced": "0.7.6"
             },
             {
-              "fixed": "0.7.11p3"
+              "fixed": "0.7.12"
             }
           ]
         }