v4.0 CVE Records aren't valid if RESERVED is chosen

[ElectricNroff]

I'm using the current https://vulnogram.github.io form as of the date/time of this issue.

I start with the "Minimal example needed for CVE [single entry]" text from the https://github.com/CVEProject/cve-schema/blob/master/schema/v4.0/DRAFT-JSON-file-format-v4.md file.

I make one modification by adding:

   "STATE":"RESERVED",

immediately before the:

   "ID": "CVE-2005-4900",

line. I then click on Source near the top of the https://vulnogram.github.io/#editor page, which navigates to the https://vulnogram.github.io/#source page. I then cut the existing text, and paste the text derived from the modified DRAFT-JSON-file-format-v4.md example.

I then return to https://vulnogram.github.io/#editor and, on the STATE line, near the top, RESERVED is highlighted in a gold color.

I then go to https://vulnogram.github.io/#mitre and it shows a CVE description and references. This is not the expected UI experience, because a v4.0 RESERVED CVE Record cannot have any references.

In practice, this issue is encountered when a Vulnogram user chooses RESERVED accidentally, when they meant to choose PUBLIC. The resulting JSON document is not valid. The Vulnogram UI does not have an effective way to alert the user to this mistake.