KevinWu098 · devin-ai-integration · Apr 25, 2026
diff --git a/benchmark/data/tasks/ecvebench-xwiki-platform-003.json b/benchmark/data/tasks/ecvebench-xwiki-platform-003.json
@@ -8,16 +8,11 @@
     "commit": "1c3f22ac6596bece52dc4d474229b2bd948f99f3"
   },
   "hints": {
-    "L0": null,
     "L1": {
-      "area": "Document rendering and content inclusion pipeline"
+      "area": "The vulnerability resides in the platform's class-document rendering infrastructure — the template layer that governs how wiki pages associated with structured data objects are displayed, including how those templates include and render embedded page content."
     },
     "L2": {
-      "description": "A privilege escalation vulnerability exists where a low-privileged user can execute arbitrary scripting macros with the rights of a more privileged document author. The content inclusion mechanism does not properly enforce author-based execution context, allowing user-supplied content to run under an elevated author's permissions rather than the actual content author's context."
-    },
-    "L3": {
-      "area": "Class definition sheet rendering and document inclusion directives",
-      "description": "A privilege escalation vulnerability exists where a low-privileged user can execute arbitrary scripting macros with the rights of a more privileged document author. By binding a shared class definition sheet to their own document and injecting scripting macros, the user's content is included and executed under the sheet author's elevated permissions rather than the content author's own context."
+      "description": "An authorization bypass vulnerability exists in the platform's content-inclusion mechanism: when a privileged template includes content from a user-editable document, the included content executes with the template author's elevated privileges rather than the document author's own permissions. An authenticated low-privileged user can inject scripting macros into their own document, and the platform executes them under the privileged author context, enabling arbitrary code execution and full privilege escalation across the wiki instance."
     }
   },
   "ground_truth": {

diff --git a/benchmark/internal/metadata/GHSA-36fm-j33w-c25f.json b/benchmark/internal/metadata/GHSA-36fm-j33w-c25f.json
@@ -2,7 +2,7 @@
   "ghsa_id": "GHSA-36fm-j33w-c25f",
   "post_patch_commit": "de72760d4a3e1e9be64a10660a0c19e9534e2ec4",
   "noisy_patch": false,
-  "curation_notes": "Re-curation. Patch commit de72760 modified a single file (ClassSheet.xml), adding author=\"target\" to the include macro so included content runs with the target document author's rights instead of the ClassSheet author's rights. Location derived from the patch diff. No sibling files share the same vulnerable include pattern — ObjectSheet.xml uses inline property display, not document inclusion. Vulnerability class auth-bypass confirmed: CWE-863 (Incorrect Authorization) matches the privilege escalation via missing author-context enforcement. Duplicate task file ecvebench-xwiki-platform-004 removed. L3 hints improved to be more specific than L1/L2.",
+  "curation_notes": "Re-curation. Patch commit de72760 modified a single file (ClassSheet.xml), adding author=\"target\" to the include macro so included content runs with the target document author's rights instead of the ClassSheet author's rights. Location derived from the patch diff. No sibling files share the same vulnerable include pattern — ObjectSheet.xml uses inline property display, not document inclusion. Vulnerability class auth-bypass confirmed: CWE-863 (Incorrect Authorization) matches the privilege escalation via missing author-context enforcement. Duplicate task file ecvebench-xwiki-platform-004 removed. Updated hint schema to L1.area + L2.description only (removed L0/L3).",
   "dataset_version": "0.1.0",
   "snapshot_date": "2026-04-26"
 }