author: feld <feld@FreeBSD.org> 2018-09-12 00:13:58 +0800
committer: feld <feld@FreeBSD.org> 2018-09-12 00:13:58 +0800
commit: ca2c4bdf4743c9345f3b796c0d45f47701bdb3dc (patch)
tree: f83f450154a21bd267d928c57c02160a83b27c43 /security
parent: 6ee35aff9fbfea2279e850248d1874e442a737d1 (diff)
Improve formatting
Also add plexmediaserver-plexpass package as vulnerable
Diffstat (limited to 'security')
-rw-r--r-- security/vuxml/vuln.xml 19
1 files changed, 10 insertions, 9 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 5634b054fc10..8e30d138414e 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -63,6 +63,7 @@ Notes:
<affects>
<package>
<name>plexmediaserver</name>
+ <name>plexmediaserver-plexpass</name>
<range><lt>1.13.5.5332</lt></range>
</package>
</affects>
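Review bot: The added `<name>plexmediaserver-plexpass</name>` shares the single `<range><lt>1.13.5.5332</lt></range>` with `plexmediaserver`, so the entry now asserts that both ports are fixed at exactly the same version. Please confirm the plexpass port uses the same version scheme and that 1.13.5.5332 is the first fixed build for it too; if the two ports can differ, give plexpass its own `<package>` block with its own range. This also changes which installed packages the entry matches, yet the diffstat's 10 insertions are fully accounted for by this line and the nine formatting lines in the next hunk, so no `<modified>` date is touched in this commit. If the entry's `<dates>` block is meant to record content changes, add or update `<modified>` here.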
@@ -71,17 +72,17 @@ Notes:
<p>Chris reports:</p>
<blockquote cite="https://seclists.org/fulldisclosure/2018/Aug/1">
<p>The XML parsing engine for Plex Media Server's SSDP/UPNP
- functionality is vulnerable to an XML External Entity
+ functionality is vulnerable to an XML External Entity
Processing (XXE) attack. Unauthenticated attackers on the same LAN can
use this vulnerability to:</p>
- <li>
- <ul>Access arbitrary files from the filesystem with the same permission as
- the user account running Plex.</ul>
- <ul>Initiate SMB connections to capture NetNTLM challenge/response and
- crack to clear-text password.</ul>
- <ul>Initiate SMB connections to relay NetNTLM challenge/response and
- achieve Remote Command Execution in Windows domains.</ul>
- </li>
+ <ul>
+ <li>Access arbitrary files from the filesystem with the same permission as
+ the user account running Plex.</li>
+ <li>Initiate SMB connections to capture NetNTLM challenge/response and
+ crack to clear-text password.</li>
+ <li>Initiate SMB connections to relay NetNTLM challenge/response and
+ achieve Remote Command Execution in Windows domains.</li>
+ </ul>
</blockquote>
</body>
</description>
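Review bot: The `-`/`+` pair at "functionality is vulnerable to an XML External Entity" is textually identical, so it is a whitespace-only change, while the continuation lines "Processing (XXE) attack. ..." and "use this vulnerability to:" in the same `<p>` are left as context. Check that all lines of that paragraph now share one indentation style rather than fixing only the one line. The list fix itself is right: the old markup had `<li>` wrapping three `<ul>` elements, and the new `<ul>` with three `<li>` children is the valid nesting. Since the inverted form reached the tree in the first place, it is worth running the port's validation target (`make validate` in security/vuxml) before committing. Separately, the commit mixes a formatting repair with a change to the affected-package list; splitting them would make the content change easier to find in the history.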