diff --git a/bugcrowd_templates.gemspec b/bugcrowd_templates.gemspec index 5478cf7b..b2a22b20 100644 --- a/bugcrowd_templates.gemspec +++ b/bugcrowd_templates.gemspec @@ -19,7 +19,7 @@ Gem::Specification.new do |spec| spec.require_paths = ['lib'] spec.required_ruby_version = '>= 3.0' - spec.add_development_dependency 'bundler', '~> 2.6.3' + spec.add_development_dependency 'bundler', '~> 2.7.1' spec.add_development_dependency 'pry', '~> 0.14.2' spec.add_development_dependency 'rake', '~> 13.0.6' spec.add_development_dependency 'rspec', '~> 3.12' diff --git a/submissions/description/cloud_security/guidance.md b/submissions/description/cloud_security/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/guidance.md @@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/guidance.md b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/guidance.md @@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). 
diff --git a/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/overly_permissive_iam_roles/guidance.md b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/overly_permissive_iam_roles/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/overly_permissive_iam_roles/guidance.md @@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/overly_permissive_iam_roles/recommendations.md b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/overly_permissive_iam_roles/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/overly_permissive_iam_roles/recommendations.md @@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- 
diff --git a/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/overly_permissive_iam_roles/template.md b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/overly_permissive_iam_roles/template.md new file mode 100644 index 00000000..cad5ac6b --- /dev/null +++ b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/overly_permissive_iam_roles/template.md @@ -0,0 +1,17 @@ +Overly permissive Identity and Access Management (IAM) roles grant more permissions than necessary for a user or service to perform the intended functions of their role. A lack of least privilege creates a larger attack surface, allowing an attacker who compromises an entity with an overly permissive role to perform a larger set of actions. This can lead to unauthorized access, data manipulation, or full control over cloud resources. + +**Business Impact** + +This vulnerability can result in financial losses and regulatory fines, as well as reputational damage and a loss of customer trust. + +**Steps to Reproduce** + +1. Identify the following IAM role or policy that appears to have excessive permissions: {{IAM role/policy}} +1. Perform an action that is outside the normal scope of the role's intended function but is permitted by its overly broad policy: {{unintended action}} +1. Observe that the unintended action is successfully executed, demonstrating the excessive permissions + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/publicly_accessible_iam_credentials/guidance.md b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/publicly_accessible_iam_credentials/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null 
+++ b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/publicly_accessible_iam_credentials/guidance.md @@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/publicly_accessible_iam_credentials/recommendations.md b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/publicly_accessible_iam_credentials/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/publicly_accessible_iam_credentials/recommendations.md @@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- diff --git a/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/publicly_accessible_iam_credentials/template.md b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/publicly_accessible_iam_credentials/template.md new file mode 100644 index 00000000..b2ca3397 --- /dev/null 
+++ b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/publicly_accessible_iam_credentials/template.md @@ -0,0 +1,18 @@ +Publicly accessible IAM credentials occur when cloud access keys, secret keys, or other authentication tokens are exposed in public repositories, such as GitHub or public S3 buckets, logs, or insecure configurations. These credentials grant direct access to cloud accounts and resources. An attacker identifying these credentials can immediately gain unauthorized access, bypassing traditional security controls. + +**Business Impact** + +This vulnerability can result in data theft, deletion of critical resources, deployment of malicious infrastructure, and significant financial fraud. The business can face severe reputational damage, regulatory non-compliance, and loss of data and customer trust. + +**Steps to Reproduce** + +1. Use public code scanning tools, search engines, or specific credential-finding tools to search for exposed cloud credentials: {{tool or search query}} +1. Observe that a set of publicly accessible IAM access keys and secret keys is visible at the following location: {{location of exposed credentials}} +1. Run the following command to list or access resources in the associated cloud account: {{test PoC command}} +1. Observe that access is gained to the cloud account and its resources + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/recommendations.md b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/recommendations.md 
@@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- diff --git a/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/template.md b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/template.md new file mode 100644 index 00000000..df4f24da --- /dev/null +++ b/submissions/description/cloud_security/identity_and_access_management_iam_misconfigurations/template.md 
@@ -0,0 +1,18 @@ +Identity and Access Management (IAM) misconfigurations allows unauthorized users or services to perform actions they shouldn't be able to. This can occur when there are overly permissive permissions, roles are incorrectly assigned, or policies are not granular enough. An attacker exploiting this vulnerability could gain elevated privileges, access sensitive resources, or disrupt cloud services. + +**Business Impact** + +This vulnerability can lead to unauthorized data access, modification, or deletion, compromising data confidentiality and integrity. It can also result in financial losses due to unexpected cloud resource consumption or regulatory fines for compliance breaches. + +**Steps to Reproduce** + +1. Identify a cloud resource (e.g., S3 bucket, EC2 instance) with potentially misconfigured IAM policies: {{resource url}} +1. Attempt to access or modify the resource using credentials with insufficient intended permissions, or by exploiting an overly permissive role: {{attacker_role_or_credentials}} +1. Execute a command or API call that should normally be restricted: {{malicious_command}} +1. Observe that the unauthorized action is successfully performed + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/logging_and_monitoring_issues/disabled_or_insufficient_logging/guidance.md b/submissions/description/cloud_security/logging_and_monitoring_issues/disabled_or_insufficient_logging/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/logging_and_monitoring_issues/disabled_or_insufficient_logging/guidance.md 
@@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/logging_and_monitoring_issues/disabled_or_insufficient_logging/recommendations.md b/submissions/description/cloud_security/logging_and_monitoring_issues/disabled_or_insufficient_logging/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/logging_and_monitoring_issues/disabled_or_insufficient_logging/recommendations.md @@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- diff --git a/submissions/description/cloud_security/logging_and_monitoring_issues/disabled_or_insufficient_logging/template.md b/submissions/description/cloud_security/logging_and_monitoring_issues/disabled_or_insufficient_logging/template.md new file mode 100644 index 00000000..2088893d --- /dev/null +++ b/submissions/description/cloud_security/logging_and_monitoring_issues/disabled_or_insufficient_logging/template.md 
@@ -0,0 +1,18 @@ +Disabled or insufficient logging occurs where critical security logs are either completely turned off, or the level of detail captured is inadequate for effective security monitoring and incident response. This can apply to various cloud services, including virtual machines, databases, serverless functions, and network flow logs. An attacker who gains access to the system with disabled or insufficient logging is able to do so undetected by security teams. + +**Business Impact** + +This vulnerability can result in financial losses and regulatory fines, as well as reputational damage and a loss of customer trust. + +**Steps to Reproduce** + +1. Identify the cloud service or resource where logging is expected to be enabled: {{service or resource}} +2. Review the logging configuration for this service or resource to determine if logging is disabled or set to a minimal level: {{logging configuration}} +3. Perform an action that should generate security logs (e.g., failed login attempts, unauthorized access attempts, configuration changes): {{action that should generate logs}} +4. Attempt to retrieve logs related to this action. Observe that no logs are generated, or that the logs lack the necessary detail to understand the action, confirming disabled or insufficient logging. + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/logging_and_monitoring_issues/guidance.md b/submissions/description/cloud_security/logging_and_monitoring_issues/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/logging_and_monitoring_issues/guidance.md 
@@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/logging_and_monitoring_issues/recommendations.md b/submissions/description/cloud_security/logging_and_monitoring_issues/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/logging_and_monitoring_issues/recommendations.md @@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- diff --git a/submissions/description/cloud_security/logging_and_monitoring_issues/template.md b/submissions/description/cloud_security/logging_and_monitoring_issues/template.md new file mode 100644 index 00000000..2966e83b --- /dev/null +++ b/submissions/description/cloud_security/logging_and_monitoring_issues/template.md 
@@ -0,0 +1,18 @@ +Logging and monitoring issues in cloud environments include deficiencies in collecting, storing, and analyzing security-relevant logs and metrics. Without proper logging and monitoring, detection, investigation, and response to security incidents becomes significantly challenging. An attacker who gains access to the system is able to do so undetected by security teams. + +**Business Impact** + +This vulnerability can result in financial losses and regulatory fines, as well as reputational damage and a loss of customer trust. + +**Steps to Reproduce** + +1. Identify a cloud service or resource with insufficient logging and monitoring: {{cloud_service_or_resource_id}} +1. Perform actions that should generate security logs (e.g., failed login attempts, unauthorized access attempts, configuration changes): {{actions that should generate logs}} +1. Attempt to locate and analyze the corresponding logs in the cloud provider's logging service or SIEM: {{logging platform or tool}} +1. Observe that critical security events are either not logged, are incomplete, or that alerts are not triggered for suspicious activities, indicating a deficiency + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/misconfigured_services_and_apis/exposed_debug_or_admin_interfaces/guidance.md b/submissions/description/cloud_security/misconfigured_services_and_apis/exposed_debug_or_admin_interfaces/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/misconfigured_services_and_apis/exposed_debug_or_admin_interfaces/guidance.md 
@@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/misconfigured_services_and_apis/exposed_debug_or_admin_interfaces/recommendations.md b/submissions/description/cloud_security/misconfigured_services_and_apis/exposed_debug_or_admin_interfaces/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/misconfigured_services_and_apis/exposed_debug_or_admin_interfaces/recommendations.md @@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- diff --git a/submissions/description/cloud_security/misconfigured_services_and_apis/exposed_debug_or_admin_interfaces/template.md b/submissions/description/cloud_security/misconfigured_services_and_apis/exposed_debug_or_admin_interfaces/template.md new file mode 100644 index 00000000..70c6e3db --- /dev/null +++ b/submissions/description/cloud_security/misconfigured_services_and_apis/exposed_debug_or_admin_interfaces/template.md 
@@ -0,0 +1,18 @@ +Web-based or API-driven control panels that provide privileged access to cloud applications or underlying infrastructure can be exposed to the internet or an untrusted network segment. These exposed debug or admin interfaces often lack robust authentication or have default credentials, which can allow an attacker to gain full control over systems and data. + +**Business Impact** + +This vulnerability can result in financial losses and regulatory fines, as well as reputational damage and a loss of customer trust. + +**Steps to Reproduce** + +1. Use web scanners, directory brute-forcing tools, or public search engines to identify potentially exposed debug or admin interfaces: {{scanning tool or search query used}} +2. Navigate to the identified interface URL: {{URL}} +3. Attempt to log in using default credentials, common weak passwords, or by bypassing authentication mechanisms: {{login attempt credentials}} +4. Observe that unauthorized access to the debug or admin interface is gained, allowing control over the application or infrastructure + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/misconfigured_services_and_apis/guidance.md b/submissions/description/cloud_security/misconfigured_services_and_apis/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/misconfigured_services_and_apis/guidance.md @@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). 
diff --git a/submissions/description/cloud_security/misconfigured_services_and_apis/insecure_api_endpoints/guidance.md b/submissions/description/cloud_security/misconfigured_services_and_apis/insecure_api_endpoints/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/misconfigured_services_and_apis/insecure_api_endpoints/guidance.md @@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/misconfigured_services_and_apis/insecure_api_endpoints/recommendations.md b/submissions/description/cloud_security/misconfigured_services_and_apis/insecure_api_endpoints/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/misconfigured_services_and_apis/insecure_api_endpoints/recommendations.md @@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- diff --git a/submissions/description/cloud_security/misconfigured_services_and_apis/insecure_api_endpoints/template.md b/submissions/description/cloud_security/misconfigured_services_and_apis/insecure_api_endpoints/template.md new file mode 100644 index 00000000..2aaa2b52 --- /dev/null 
+++ b/submissions/description/cloud_security/misconfigured_services_and_apis/insecure_api_endpoints/template.md @@ -0,0 +1,17 @@ +Individual API paths or methods can be vulnerable due to design flaws, improper input validation, or insufficient authorization checks for specific operations. An attacker can exploit misconfigured services and APIs to gain unauthorized access to data, cause service disruptions, or abuse resources. + +**Business Impact** + +This vulnerability can result in financial losses and regulatory fines, as well as reputational damage and a loss of customer trust. + +**Steps to Reproduce** + +1. Identify an API endpoint that processes sensitive data or performs critical actions: {{sensitive api endpoint URL}} +2. Craft a request to the sensitive endpoint, attempting to access or modify data: {{crafted payload}} +3. Observe the API's response, noting the successful unauthorized access to data or execution of a restricted function + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/misconfigured_services_and_apis/recommendations.md b/submissions/description/cloud_security/misconfigured_services_and_apis/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/misconfigured_services_and_apis/recommendations.md @@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- 
diff --git a/submissions/description/cloud_security/misconfigured_services_and_apis/template.md b/submissions/description/cloud_security/misconfigured_services_and_apis/template.md new file mode 100644 index 00000000..7dd92eda --- /dev/null +++ b/submissions/description/cloud_security/misconfigured_services_and_apis/template.md @@ -0,0 +1,18 @@ +Misconfigured services and API issues refer to a broad category of vulnerabilities arising from improper setup, default settings, or inadequate hardening of cloud services and their APIs. This can include exposed admin and debug interfaces, as well as insecure API configurations. An attacker can exploit misconfigured services and APIs to gain unauthorized access to data, cause service disruptions, or abuse resources. + +**Business Impact** + +This vulnerability can result in financial losses and regulatory fines, as well as reputational damage and a loss of customer trust. + +**Steps to Reproduce** + +1. Identify the following cloud service or API that appears to be running with default or insecure configurations: {{service or API}} +1. Look at the configuration settings, default permissions, and exposed functionalities of the service/API: {{review method or tool}} +1. Interact with the service/API with the following payload: {{exploit action or payload}} +1. Observe that the misconfiguration allows unintended access, data leakage, or service manipulation + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/network_configuration_issues/guidance.md b/submissions/description/cloud_security/network_configuration_issues/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/network_configuration_issues/guidance.md 
@@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/network_configuration_issues/lack_of_network_segmentation/guidance.md b/submissions/description/cloud_security/network_configuration_issues/lack_of_network_segmentation/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/network_configuration_issues/lack_of_network_segmentation/guidance.md @@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/network_configuration_issues/lack_of_network_segmentation/recommendations.md b/submissions/description/cloud_security/network_configuration_issues/lack_of_network_segmentation/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/network_configuration_issues/lack_of_network_segmentation/recommendations.md 
@@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- diff --git a/submissions/description/cloud_security/network_configuration_issues/lack_of_network_segmentation/template.md b/submissions/description/cloud_security/network_configuration_issues/lack_of_network_segmentation/template.md new file mode 100644 index 00000000..45f1f53f --- /dev/null +++ b/submissions/description/cloud_security/network_configuration_issues/lack_of_network_segmentation/template.md @@ -0,0 +1,17 @@ +Lack of network segmentation in a cloud environment means that different logical components are not adequately isolated from each other within the virtual network. This allows an attacker who compromises one component to move laterally across the network to other systems and access sensitive information. + +**Business Impact** + +This vulnerability can lead to reputational damage and loss of customer trust, as well as potential regulatory fines and legal action. + +**Steps to Reproduce** + +1. Identify two or more cloud resources that should be logically isolated and reside within the same virtual network: {{resource A}} and {{resource B}} +2. From Resource A, establish a direct network connection to Resource B, bypassing intended security controls: {{connection attempt command}} +3. Observe that the connection is successfully established, demonstrating the lack of proper segmentation between the two resources + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} 
diff --git a/submissions/description/cloud_security/network_configuration_issues/open_management_ports_to_the_internet/guidance.md b/submissions/description/cloud_security/network_configuration_issues/open_management_ports_to_the_internet/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/network_configuration_issues/open_management_ports_to_the_internet/guidance.md @@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/network_configuration_issues/open_management_ports_to_the_internet/recommendations.md b/submissions/description/cloud_security/network_configuration_issues/open_management_ports_to_the_internet/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/network_configuration_issues/open_management_ports_to_the_internet/recommendations.md @@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- 
diff --git a/submissions/description/cloud_security/network_configuration_issues/open_management_ports_to_the_internet/template.md b/submissions/description/cloud_security/network_configuration_issues/open_management_ports_to_the_internet/template.md new file mode 100644 index 00000000..20d7cd81 --- /dev/null +++ b/submissions/description/cloud_security/network_configuration_issues/open_management_ports_to_the_internet/template.md @@ -0,0 +1,18 @@ +Open management ports can be directly exposed to the public internet without proper restrictions. This allows an attacker a direct pathway to sensitive systems, often bypassing other layers of security. Attacks such as brute-force attacks, credential stuffing, or exploitation of known vulnerabilities in these services become trivial. + +**Business Impact** + +This vulnerability can lead to reputational damage and loss of customer trust, as well as potential regulatory fines and legal action. + +**Steps to Reproduce** + +1. Use a port scanning tool or public internet scanner to identify cloud instances with open management ports: {{scanning tool}} +2. Identify an instance with a commonly exposed management port (e.g., 22, 3389, 8080, 27017) open to `0.0.0.0/0` or a broad IP range: {{exposed ip and port}} +3. Connect to the exposed port using a standard client for that service: {{connection command}} +4. Observe that a connection is successfully established, demonstrating direct internet exposure of the management interface. + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/network_configuration_issues/recommendations.md b/submissions/description/cloud_security/network_configuration_issues/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/network_configuration_issues/recommendations.md 
@@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- diff --git a/submissions/description/cloud_security/network_configuration_issues/template.md b/submissions/description/cloud_security/network_configuration_issues/template.md new file mode 100644 index 00000000..c2a2ca18 --- /dev/null +++ b/submissions/description/cloud_security/network_configuration_issues/template.md @@ -0,0 +1,17 @@ +Network configuration issues in cloud environments encompass a wide array of misconfigurations which can expose internal resources, allow unauthorized traffic. These network misconfigurations can allow an attacker to view or modify data, depending on the type of misconfiguration. + +**Business Impact** + +This vulnerability can lead to reputational damage and loss of customer trust, as well as regulatory fines and potential legal action. + +**Steps to Reproduce** + +1. Identify the cloud network component with a misconfiguration: {{network component}} +1. Send the following test traffic to a resource that should be isolated or blocked, or from a source that should be denied: {{test traffic}} +1. Observe that the unauthorized traffic is permitted, or that legitimate traffic is unexpectedly blocked, indicating a misconfiguration + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/recommendations.md b/submissions/description/cloud_security/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null 
+++ b/submissions/description/cloud_security/recommendations.md @@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- diff --git a/submissions/description/cloud_security/storage_misconfigurations/guidance.md b/submissions/description/cloud_security/storage_misconfigurations/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/storage_misconfigurations/guidance.md @@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/storage_misconfigurations/publicly_accessible_cloud_storage/guidance.md b/submissions/description/cloud_security/storage_misconfigurations/publicly_accessible_cloud_storage/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null +++ b/submissions/description/cloud_security/storage_misconfigurations/publicly_accessible_cloud_storage/guidance.md 
@@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/storage_misconfigurations/publicly_accessible_cloud_storage/recommendations.md b/submissions/description/cloud_security/storage_misconfigurations/publicly_accessible_cloud_storage/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/storage_misconfigurations/publicly_accessible_cloud_storage/recommendations.md @@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- diff --git a/submissions/description/cloud_security/storage_misconfigurations/publicly_accessible_cloud_storage/template.md b/submissions/description/cloud_security/storage_misconfigurations/publicly_accessible_cloud_storage/template.md new file mode 100644 index 00000000..7fdc0b49 --- /dev/null +++ b/submissions/description/cloud_security/storage_misconfigurations/publicly_accessible_cloud_storage/template.md 
@@ -0,0 +1,17 @@ +Sensitive information becomes publicly accessible, or accessible to unauthorized entities, due to improper settings on cloud storage services. This often happens when buckets are inadvertently set to public, or access policies are too broad. Attackers can discover and exfiltrate data without needing to bypass any security controls due to the cloud storage being publicly accessible. + +**Business Impact** + +This vulnerability leads to reputational damage and loss of customer trust, as well as potential regulatory fines and legal action. Financial impact can be substantial as a result. + +**Steps to Reproduce** + +1. Use a public search engine or specific tools to identify publicly accessible cloud storage buckets: {{search query or tool}} +1. Browse the contents of the identified bucket directly via its URL or through a cloud storage browser: {{bucket url}} +1. Observe that sensitive files or directories are accessible without requiring any authentication or authorization. + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/storage_misconfigurations/recommendations.md b/submissions/description/cloud_security/storage_misconfigurations/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/storage_misconfigurations/recommendations.md @@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- 
diff --git a/submissions/description/cloud_security/storage_misconfigurations/template.md b/submissions/description/cloud_security/storage_misconfigurations/template.md new file mode 100644 index 00000000..cd26121d --- /dev/null +++ b/submissions/description/cloud_security/storage_misconfigurations/template.md @@ -0,0 +1,18 @@ +Storage misconfigurations encompass a broad range of improper settings on cloud storage services that can lead to security vulnerabilities beyond just public accessibility. This includes issues like incorrect bucket policies, lack of versioning, inadequate logging, improper cross-account access, and misconfigured lifecycle rules. These misconfigurations allow an attacker to gain access to data, perform unauthorized modifications, or hinder forensic analysis. + +**Business Impact** + +The business impact can range from data loss to unauthorized data access or modification by internal or external threats. It can also lead to compliance failures, increased operational costs, and an inability to properly investigate security incidents due to insufficient logging. Reputational damage and potential legal liabilities are also risks. + +**Steps to Reproduce** + +1. Identify a cloud storage resource with potentially misconfigured settings: {{storage resource url}} +1. Review the configuration settings (e.g., bucket policies, ACLs, logging, versioning, encryption status): {{configuration review}} +1. Attempt to exploit a specific misconfiguration: {{exploit command}} +1. Observe the successful exploitation of the misconfiguration + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/storage_misconfigurations/unencrypted_sensitive_data_at_rest/guidance.md b/submissions/description/cloud_security/storage_misconfigurations/unencrypted_sensitive_data_at_rest/guidance.md new file mode 100644 index 00000000..6e78d84d --- /dev/null 
+++ b/submissions/description/cloud_security/storage_misconfigurations/unencrypted_sensitive_data_at_rest/guidance.md @@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access and exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/cloud_security/storage_misconfigurations/unencrypted_sensitive_data_at_rest/recommendations.md b/submissions/description/cloud_security/storage_misconfigurations/unencrypted_sensitive_data_at_rest/recommendations.md new file mode 100644 index 00000000..de1b1512 --- /dev/null +++ b/submissions/description/cloud_security/storage_misconfigurations/unencrypted_sensitive_data_at_rest/recommendations.md @@ -0,0 +1,8 @@ +# Recommendation(s) + +Harden cloud environments by enforcing least privilege on identities, encrypting data in transit and at rest, blocking public access to sensitive resources, and restricting admin interfaces to trusted networks. Implement proper network segmentation, enable logging and continuous monitoring, and audit configurations regularly using automated tools. Follow cloud security benchmarks and adopt defense-in-depth strategies. + +For more information, view the following resources: + +- +- diff --git a/submissions/description/cloud_security/storage_misconfigurations/unencrypted_sensitive_data_at_rest/template.md b/submissions/description/cloud_security/storage_misconfigurations/unencrypted_sensitive_data_at_rest/template.md new file mode 100644 index 00000000..9883810f --- /dev/null +++ b/submissions/description/cloud_security/storage_misconfigurations/unencrypted_sensitive_data_at_rest/template.md 
@@ -0,0 +1,17 @@ +Unencrypted sensitive data at rest occurs when confidential information is stored in cloud storage services (e.g., databases, object storage, file systems) without applying appropriate encryption. An attacker who gains access to the storage is able to view the sensitive data without requiring further decryption efforts. + +**Business Impact** + +This vulnerability can lead to reputational damage and loss of customer trust, as well as regulatory fines and potential legal action. + +**Steps to Reproduce** + +1. Use a public search engine or specific tools to identify the cloud storage bucket(s) suspected of storing sensitive data without encryption: {{storage service url}} +2. Gain unauthorized access to the underlying storage mechanism by performing the following action: {{access method}} +3. Observe and verify that sensitive information is present in plaintext or easily readable format that doesn't require any decryption process + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/cloud_security/template.md b/submissions/description/cloud_security/template.md new file mode 100644 index 00000000..4862e0a8 --- /dev/null +++ b/submissions/description/cloud_security/template.md 
@@ -0,0 +1,17 @@ +Cloud security vulnerabilities are any weakness in the design, implementation, operation, or management of cloud services that could be exploited by an attacker. These vulnerabilities can arise from misconfigurations, insecure coding practices, unpatched software, or inadequate security controls. Cloud security vulnerabilities allow an attacker to gain unauthorized access, compromise data, disrupt services, or abuse resources across various cloud components. + +**Business Impact** + +Cloud security vulnerabilities can lead to regulatory non-compliance, legal liabilities, and a significant erosion of customer trust, affecting the business's long-term viability. + +**Steps to Reproduce** + +1. Identify a potential weak point or misconfiguration in a cloud service or application: {{vulnerable component or service}} +1. Execute the exploit, attempting to gain unauthorized access, modify data, or disrupt service: {{exploit payload or action}} +1. Observe and confirm the successful exploitation + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/server_security_misconfiguration/exposed_admin_portal/.gitkeep b/submissions/description/server_security_misconfiguration/exposed_admin_portal/.gitkeep deleted file mode 100644 index e69de29b..00000000 diff --git a/submissions/description/server_security_misconfiguration/exposed_admin_portal/recommendations.md b/submissions/description/server_security_misconfiguration/exposed_admin_portal/recommendations.md deleted file mode 100644 index 8348b89a..00000000 --- a/submissions/description/server_security_misconfiguration/exposed_admin_portal/recommendations.md +++ /dev/null 
@@ -1,3 +0,0 @@ -# Recommendation(s) - -If possible, remove the admin portal from the internet. If remote login is required, place the admin portal behind a firewall and keep software up to date as part of a patch management lifecycle. It is also best practice to use strong passwords and multi-factor authentication for admin portals. To secure admin portals further, limit the amount of login attempts and limit access to a particular set of IP addresses. diff --git a/submissions/description/server_security_misconfiguration/exposed_admin_portal/template.md b/submissions/description/server_security_misconfiguration/exposed_admin_portal/template.md deleted file mode 100644 index 3f1b8569..00000000 --- a/submissions/description/server_security_misconfiguration/exposed_admin_portal/template.md +++ /dev/null @@ -1,22 +0,0 @@ -Administrative portals for an application allow Admins to login and modify how the application runs and the content it serves. This can include adding, removing, updating, or creating new content, account provisioning, data manipulation, and other configuration changes. - -An attacker who is able to identify an exposed admin portal can then brute force credentials. If they successfully login, they can access the administrative interface and carry out activities with Admin privileges. - -**Business Impact** - -Exposed admin portals can lead to indirect financial loss due to the attacker’s ability to modify, remove or create data within the admin portal. It can also cause reputational damage for the business due to a loss in confidence and trust by users. - -**Steps to Reproduce** - -1. Use a browser to navigate to the admin portal via the URL: {{URL}} -1. The following are the functionalities of the admin portal: - -{{value}} - -1. Execute {{action}} on the admin portal - -**Proof of Concept (PoC)** - -The screenshot(s) below demonstrates the exposed admin portal: - -{{screenshot}} 
diff --git a/submissions/description/server_security_misconfiguration/exposed_admin_portal/to_internet/.gitkeep b/submissions/description/server_security_misconfiguration/exposed_admin_portal/to_internet/.gitkeep deleted file mode 100644 index e69de29b..00000000 diff --git a/submissions/description/server_security_misconfiguration/exposed_admin_portal/to_internet/recommendations.md b/submissions/description/server_security_misconfiguration/exposed_admin_portal/to_internet/recommendations.md deleted file mode 100644 index 8348b89a..00000000 --- a/submissions/description/server_security_misconfiguration/exposed_admin_portal/to_internet/recommendations.md +++ /dev/null @@ -1,3 +0,0 @@ -# Recommendation(s) - -If possible, remove the admin portal from the internet. If remote login is required, place the admin portal behind a firewall and keep software up to date as part of a patch management lifecycle. It is also best practice to use strong passwords and multi-factor authentication for admin portals. To secure admin portals further, limit the amount of login attempts and limit access to a particular set of IP addresses. diff --git a/submissions/description/server_security_misconfiguration/exposed_admin_portal/to_internet/template.md b/submissions/description/server_security_misconfiguration/exposed_admin_portal/to_internet/template.md deleted file mode 100644 index 3f1b8569..00000000 --- a/submissions/description/server_security_misconfiguration/exposed_admin_portal/to_internet/template.md +++ /dev/null 
@@ -1,22 +0,0 @@ -Administrative portals for an application allow Admins to login and modify how the application runs and the content it serves. This can include adding, removing, updating, or creating new content, account provisioning, data manipulation, and other configuration changes. - -An attacker who is able to identify an exposed admin portal can then brute force credentials. If they successfully login, they can access the administrative interface and carry out activities with Admin privileges. - -**Business Impact** - -Exposed admin portals can lead to indirect financial loss due to the attacker’s ability to modify, remove or create data within the admin portal. It can also cause reputational damage for the business due to a loss in confidence and trust by users. - -**Steps to Reproduce** - -1. Use a browser to navigate to the admin portal via the URL: {{URL}} -1. The following are the functionalities of the admin portal: - -{{value}} - -1. Execute {{action}} on the admin portal - -**Proof of Concept (PoC)** - -The screenshot(s) below demonstrates the exposed admin portal: - -{{screenshot}} diff --git a/submissions/description/server_security_misconfiguration/exposed_portal/admin_portal/recommendations.md b/submissions/description/server_security_misconfiguration/exposed_portal/admin_portal/recommendations.md new file mode 100644 index 00000000..c33580ab --- /dev/null +++ b/submissions/description/server_security_misconfiguration/exposed_portal/admin_portal/recommendations.md @@ -0,0 +1,3 @@ +# Recommendation(s) + +If possible, remove the admin portal from the internet. If remote login is required, place the admin portal behind a firewall and keep software up to date as part of a patch management lifecycle. Implement network-level access controls and authentication gateways to prevent unauthorized access to exposed portals, regardless of privilege level. 
diff --git a/submissions/description/server_security_misconfiguration/exposed_portal/admin_portal/template.md b/submissions/description/server_security_misconfiguration/exposed_portal/admin_portal/template.md new file mode 100644 index 00000000..03663a58 --- /dev/null +++ b/submissions/description/server_security_misconfiguration/exposed_portal/admin_portal/template.md @@ -0,0 +1,22 @@ +Administrative portals for an application allow Admins to log in and modify how the application runs and the content it serves. This can include adding, removing, updating, or creating new content, account provisioning, data manipulation, and other configuration changes. + +An attacker is able to identify an exposed portal and can then brute force credentials. If they successfully log in, they can access the backend interface and carry out activities within it with Admin privileges. + +**Business Impact** + +Exposed portals can lead to indirect financial loss due to the attacker’s ability to modify, remove or create data within the admin portal. It can also cause reputational damage for the business due to a loss in confidence and trust by users. + +**Steps to Reproduce** + +1. Use a browser to navigate to the portal via the URL: {{URL}} +1. The following are the functionalities of the admin portal: + +{{value}} + +1. Execute {{action}} on the admin portal + +**Proof of Concept (PoC)** + +The screenshot(s) below demonstrate(s) the vulnerability: +> +> {{screenshot}} diff --git a/submissions/description/server_security_misconfiguration/exposed_portal/non_admin_portal/recommendations.md b/submissions/description/server_security_misconfiguration/exposed_portal/non_admin_portal/recommendations.md new file mode 100644 index 00000000..c33580ab --- /dev/null +++ b/submissions/description/server_security_misconfiguration/exposed_portal/non_admin_portal/recommendations.md 
@@ -0,0 +1,3 @@ +# Recommendation(s) + +If possible, remove the admin portal from the internet. If remote login is required, place the admin portal behind a firewall and keep software up to date as part of a patch management lifecycle. Implement network-level access controls and authentication gateways to prevent unauthorized access to exposed portals, regardless of privilege level. diff --git a/submissions/description/server_security_misconfiguration/exposed_portal/non_admin_portal/template.md b/submissions/description/server_security_misconfiguration/exposed_portal/non_admin_portal/template.md new file mode 100644 index 00000000..300af682 --- /dev/null +++ b/submissions/description/server_security_misconfiguration/exposed_portal/non_admin_portal/template.md @@ -0,0 +1,22 @@ +Login portals for an application allow users to log in and modify how the application runs and the content it serves. This can include adding, removing, updating, or creating new content, account provisioning, data manipulation, and other configuration changes. + +An attacker who is able to identify this exposed portal can then brute force credentials. If they successfully log in, they can access the backend interface and carry out activities with the privileges of the system. + +**Business Impact** + +Exposed portals can lead to indirect financial loss due to the attacker’s ability to modify, remove or create data within the admin portal. It can also cause reputational damage for the business due to a loss in confidence and trust by users. + +**Steps to Reproduce** + +1. Use a browser to navigate to the portal via the URL: {{URL}} +1. The following are the functionalities of the portal: + +{{value}} + +1. Execute {{action}} on the portal + +**Proof of Concept (PoC)** + +The screenshot(s) below demonstrate(s) the vulnerability: +> +> {{screenshot}} 
diff --git a/submissions/description/server_security_misconfiguration/exposed_portal/protected/recommendations.md b/submissions/description/server_security_misconfiguration/exposed_portal/protected/recommendations.md new file mode 100644 index 00000000..c33580ab --- /dev/null +++ b/submissions/description/server_security_misconfiguration/exposed_portal/protected/recommendations.md @@ -0,0 +1,3 @@ +# Recommendation(s) + +If possible, remove the admin portal from the internet. If remote login is required, place the admin portal behind a firewall and keep software up to date as part of a patch management lifecycle. Implement network-level access controls and authentication gateways to prevent unauthorized access to exposed portals, regardless of privilege level. diff --git a/submissions/description/server_security_misconfiguration/exposed_portal/protected/template.md b/submissions/description/server_security_misconfiguration/exposed_portal/protected/template.md new file mode 100644 index 00000000..37d4322f --- /dev/null +++ b/submissions/description/server_security_misconfiguration/exposed_portal/protected/template.md 
@@ -0,0 +1,22 @@ +Administrative portals for an application allow Admins to log in and modify how the application runs and the content it serves. This can include adding, removing, updating, or creating new content, account provisioning, data manipulation, and other configuration changes. + +An attacker who is able to identify an exposed portal can then brute force credentials. If they successfully log in, they can access the administrative interface and carry out activities with Admin privileges. + +**Business Impact** + +Exposed portals can lead to indirect financial loss due to the attacker’s ability to modify, remove or create data within the admin portal. It can also cause reputational damage for the business due to a loss in confidence and trust by users. + +**Steps to Reproduce** + +1. Use a browser to navigate to the portal via the URL: {{URL}} +1. The following are the functionalities of the admin portal: + +{{value}} + +1. Execute {{action}} on the admin portal + +**Proof of Concept (PoC)** + +The screenshot(s) below demonstrate(s) the vulnerability: +> +> {{screenshot}} diff --git a/submissions/description/server_security_misconfiguration/exposed_portal/recommendations.md b/submissions/description/server_security_misconfiguration/exposed_portal/recommendations.md new file mode 100644 index 00000000..c33580ab --- /dev/null +++ b/submissions/description/server_security_misconfiguration/exposed_portal/recommendations.md @@ -0,0 +1,3 @@ +# Recommendation(s) + +If possible, remove the admin portal from the internet. If remote login is required, place the admin portal behind a firewall and keep software up to date as part of a patch management lifecycle. Implement network-level access controls and authentication gateways to prevent unauthorized access to exposed portals, regardless of privilege level. 
diff --git a/submissions/description/server_security_misconfiguration/exposed_portal/template.md b/submissions/description/server_security_misconfiguration/exposed_portal/template.md new file mode 100644 index 00000000..0e7ea387 --- /dev/null +++ b/submissions/description/server_security_misconfiguration/exposed_portal/template.md @@ -0,0 +1,22 @@ +Administrative portals for an application allow Admins to log in and modify how the application runs and the content it serves. This can include adding, removing, updating, or creating new content, account provisioning, data manipulation, and other configuration changes. + +An attacker is able to identify an exposed portal and can then brute force credentials. If they successfully log in, they can access the backend interface and carry out activities within it with the default privileges of the system. + +**Business Impact** + +Exposed portals can lead to indirect financial loss due to the attacker’s ability to modify, remove or create data within the admin portal. It can also cause reputational damage for the business due to a loss in confidence and trust by users. + +**Steps to Reproduce** + +1. Use a browser to navigate to the portal via the URL: {{URL}} +1. The following are the functionalities of the admin portal: + +{{value}} + +1. Execute {{action}} on the admin portal + +**Proof of Concept (PoC)** + +The screenshot(s) below demonstrate(s) the vulnerability: +> +> {{screenshot}} diff --git a/submissions/description/server_side_injection/exposed_data/guidance.md b/submissions/description/server_side_injection/exposed_data/guidance.md new file mode 100644 index 00000000..f8045a5c --- /dev/null +++ b/submissions/description/server_side_injection/exposed_data/guidance.md 
@@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access the vulnerable injection point, and how to exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/server_side_injection/exposed_data/non_sensitive_data/guidance.md b/submissions/description/server_side_injection/exposed_data/non_sensitive_data/guidance.md new file mode 100644 index 00000000..f8045a5c --- /dev/null +++ b/submissions/description/server_side_injection/exposed_data/non_sensitive_data/guidance.md @@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access the vulnerable injection point, and how to exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/server_side_injection/exposed_data/non_sensitive_data/recommendations.md b/submissions/description/server_side_injection/exposed_data/non_sensitive_data/recommendations.md new file mode 100644 index 00000000..ed646647 --- /dev/null +++ b/submissions/description/server_side_injection/exposed_data/non_sensitive_data/recommendations.md @@ -0,0 +1,7 @@ +# Recommendation(s) + +All user input should be sanitized using allow lists (valid characters and code strings), disallow lists (invalid characters and code strings), and escape sanitizing (elimination of invalid data requests). It is best practice that all user input goes through a validation process which only allows content to be processed by the server if it passes validation. + +For more information, view the following resource: + +- 
diff --git a/submissions/description/server_side_injection/exposed_data/non_sensitive_data/template.md b/submissions/description/server_side_injection/exposed_data/non_sensitive_data/template.md new file mode 100644 index 00000000..a2084614 --- /dev/null +++ b/submissions/description/server_side_injection/exposed_data/non_sensitive_data/template.md @@ -0,0 +1,20 @@ +Server-side injection allows attackers to inject malicious code into server-side scripts. An attacker is able to manipulate the application to include a malicious script which is executed by the server and exposes non-sensitive data. + +**Business Impact** + +The vulnerability can result in data theft and manipulation, and reputational damage for the business as customers' trust is negatively impacted by an attacker’s ability to access and modify data on a server. + +**Steps to Reproduce** + +1. In a browser, navigate to the URL: {{url}} +1. Identify that the following input field that is vulnerable to injection: {{vulnerable input field}} +1. Inject the following code into the vulnerable input: +{{code}} +1. Submit the form or input data containing the injected code +1. Observe the response from the server, noticing the exposed data + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/server_side_injection/exposed_data/recommendations.md b/submissions/description/server_side_injection/exposed_data/recommendations.md new file mode 100644 index 00000000..ed646647 --- /dev/null +++ b/submissions/description/server_side_injection/exposed_data/recommendations.md 
@@ -0,0 +1,7 @@ +# Recommendation(s) + +All user input should be sanitized using allow lists (valid characters and code strings), disallow lists (invalid characters and code strings), and escape sanitizing (elimination of invalid data requests). It is best practice that all user input goes through a validation process which only allows content to be processed by the server if it passes validation. + +For more information, view the following resource: + +- diff --git a/submissions/description/server_side_injection/exposed_data/sensitive_data/guidance.md b/submissions/description/server_side_injection/exposed_data/sensitive_data/guidance.md new file mode 100644 index 00000000..f8045a5c --- /dev/null +++ b/submissions/description/server_side_injection/exposed_data/sensitive_data/guidance.md @@ -0,0 +1,5 @@ +# Guidance + +Provide a step-by-step walkthrough with a screenshot on how to access the vulnerable injection point, and how to exploit the vulnerability. Your submission must include evidence of the vulnerability and not be theoretical in nature. + +Attempt to escalate the content spoofing vulnerability. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/server_side_injection/exposed_data/sensitive_data/recommendations.md b/submissions/description/server_side_injection/exposed_data/sensitive_data/recommendations.md new file mode 100644 index 00000000..ed646647 --- /dev/null +++ b/submissions/description/server_side_injection/exposed_data/sensitive_data/recommendations.md 
@@ -0,0 +1,7 @@ +# Recommendation(s) + +All user input should be sanitized using allow lists (valid characters and code strings), disallow lists (invalid characters and code strings), and escape sanitizing (elimination of invalid data requests). It is best practice that all user input goes through a validation process which only allows content to be processed by the server if it passes validation. + +For more information, view the following resource: + +- diff --git a/submissions/description/server_side_injection/exposed_data/sensitive_data/template.md b/submissions/description/server_side_injection/exposed_data/sensitive_data/template.md new file mode 100644 index 00000000..66dc9c76 --- /dev/null +++ b/submissions/description/server_side_injection/exposed_data/sensitive_data/template.md @@ -0,0 +1,20 @@ +Server-side injection allows attackers to inject malicious code into server-side scripts. An attacker is able to manipulate the application to include a malicious script which is executed by the server and exposes sensitive data. + +**Business Impact** + +The vulnerability can result in data theft and manipulation, and reputational damage for the business as customers' trust is negatively impacted by an attacker’s ability to access and modify data on a server. + +**Steps to Reproduce** + +1. In a browser, navigate to the URL: {{url}} +1. Identify that the following input field that is vulnerable to injection: {{vulnerable input field}} +1. Inject the following code into the vulnerable input: +{{code}} +1. Submit the form or input data containing the injected code +1. Observe the response from the server, noticing the exposed data + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}} diff --git a/submissions/description/server_side_injection/exposed_data/template.md b/submissions/description/server_side_injection/exposed_data/template.md new file mode 100644 index 00000000..c08750b6 --- /dev/null 
+++ b/submissions/description/server_side_injection/exposed_data/template.md @@ -0,0 +1,20 @@ +Server-side injection allows attackers to inject malicious code into server-side scripts. An attacker is able to manipulate the application to include a malicious script which is executed by the server and exposes data. + +**Business Impact** + +The vulnerability can result in data theft and manipulation, and reputational damage for the business as customers' trust is negatively impacted by an attacker’s ability to access and modify data on a server. + +**Steps to Reproduce** + +1. In a browser, navigate to the URL: {{url}} +1. Identify that the following input field that is vulnerable to injection: {{vulnerable input field}} +1. Inject the following code into the vulnerable input: +{{code}} +1. Submit the form or input data containing the injected code +1. Observe the response from the server, noticing the exposed data + +**Proof of Concept** + +The screenshot(s) below demonstrate(s) the vulnerability: + +{{screenshot}}
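Review bot: the second paragraph of every guidance.md added here (submissions/description/server_side_injection/exposed_data/guidance.md and its non_sensitive_data/ and sensitive_data/ siblings, all blob f8045a5c) still says "Attempt to escalate the content spoofing vulnerability", which reads as copied from the content spoofing template; these files describe server-side injection, so the sentence should be "Attempt to escalate the server-side injection vulnerability. If this is possible, provide a full Proof of Concept (PoC)."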
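Review bot: the three recommendations.md files (blob ed646647, shared by exposed_data/, non_sensitive_data/ and sensitive_data/) end with "For more information, view the following resource:" followed by an empty "- " list item, so the rendered page shows a dangling bullet with no link; either add the intended reference URL or drop the heading and the bullet. The body also covers only input filtering (allow lists, disallow lists, escaping), while the matching template.md describes user-supplied code being "executed by the server"; a sentence that untrusted input must never be passed to a server-side interpreter, template engine or eval-style call would address the root cause that filtering alone does not.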
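Review bot: step 2 of "Steps to Reproduce" in all three template.md files has a doubled "that" ("Identify that the following input field that is vulnerable to injection"); suggest "Identify the following input field, which is vulnerable to injection: {{vulnerable input field}}". In the same list the "{{code}}" placeholder after step 3 is not indented, so Markdown treats it as a paragraph that terminates the ordered list and the later "1." items restart numbering; indent it under the item (four spaces, or a fenced block inside the item) to keep the list continuous.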
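Review bot: non_sensitive_data/template.md opens by saying the injection "exposes non-sensitive data", yet its Business Impact paragraph is identical to the sensitive_data variant, claiming data theft and lost customer trust from "an attacker's ability to access and modify data on a server"; the impact text should be scaled to the non-sensitive case so triage severity matches the variant rather than overstating it. None of the three templates gives the reporter a place to show what was disclosed, so the final step "Observe the response from the server, noticing the exposed data" would benefit from a placeholder for the observed output, consistent with the {{code}} and {{screenshot}} placeholders already used.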