dradis-calculator_cvss 3.14.0 → 3.19.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,60 +1,60 @@
1
1
  <section data-behavior="cvss-buttons">
2
2
 
3
3
  <div class="inner">
4
- <h3 title="This metric measures the likelihood of the vulnerability being attacked, and is typically based on the current state of exploit techniques, exploit code availability, or active, 'in-the-wild' exploitation.">
4
+ <h5 class="header-underline mt-0" title="This metric measures the likelihood of the vulnerability being attacked, and is typically based on the current state of exploit techniques, exploit code availability, or active, 'in-the-wild' exploitation.">
5
5
  Exploit Code Maturity (E)
6
- </h3>
6
+ </h5>
7
7
 
8
8
  <%= hidden_field_tag :e, @cvss_vector['E'] %>
9
9
 
10
- <div class="btn-group" data-toggle="buttons-radio">
11
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['E'] == 'X' %>" name="e" value="X" title="(X) Assigning this value to the metric will not influence the score.">Not Defined <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
10
+ <div class="btn-group mb-4" data-toggle="buttons-radio">
11
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['E'] == 'X' %>" name="e" value="X" data-label="Not Defined" title="(X) Assigning this value to the metric will not influence the score.">Not Defined <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
12
12
 
13
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['E'] == 'U' %>" name="e" value="U" title="No exploit code is available, or an exploit is theoretical.">Unproven <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
13
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['E'] == 'U' %>" name="e" value="U" data-label="Unproven" title="No exploit code is available, or an exploit is theoretical.">Unproven <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
14
14
 
15
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['E'] == 'P' %>" name="e" value="P" title="(P) Proof-of-concept exploit code is available, or an attack demonstration is not practical for most systems. The code or technique is not functional in all situations and may require substantial modification by a skilled attacker.">Proof-of-Concept <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
15
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['E'] == 'P' %>" name="e" value="P" data-label="Proof-of-Concept" title="(P) Proof-of-concept exploit code is available, or an attack demonstration is not practical for most systems. The code or technique is not functional in all situations and may require substantial modification by a skilled attacker.">Proof-of-Concept <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
16
16
 
17
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['E'] == 'F' %>" name="e" value="F" title="(F) Functional exploit code is available. The code works in most situations where the vulnerability exists.">Functional <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
17
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['E'] == 'F' %>" name="e" value="F" data-label="Functional" title="(F) Functional exploit code is available. The code works in most situations where the vulnerability exists.">Functional <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
18
18
 
19
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['E'] == 'H' %>" name="e" value="H" title="(H) Functional autonomous code exists, or no exploit is required (manual trigger) and details are widely available. Exploit code works in every situation, or is actively being delivered via an autonomous agent (such as a worm or virus). Network-connected systems are likely to encounter scanning or exploitation attempts. Exploit development has reached the level of reliable, widely-available, easy-to-use automated tools.">High <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
19
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['E'] == 'H' %>" name="e" value="H" data-label="High" title="(H) Functional autonomous code exists, or no exploit is required (manual trigger) and details are widely available. Exploit code works in every situation, or is actively being delivered via an autonomous agent (such as a worm or virus). Network-connected systems are likely to encounter scanning or exploitation attempts. Exploit development has reached the level of reliable, widely-available, easy-to-use automated tools.">High <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
20
20
  </div>
21
21
  </div>
22
22
 
23
23
  <div class="inner">
24
- <h3 title="The Remediation Level of a vulnerability is an important factor for prioritization. The typical vulnerability is unpatched when initially published. Workarounds or hotfixes may offer interim remediation until an official patch or upgrade is issued. Each of these respective stages adjusts the temporal score downwards, reflecting the decreasing urgency as remediation becomes final.">
24
+ <h5 class="header-underline mt-0" title="The Remediation Level of a vulnerability is an important factor for prioritization. The typical vulnerability is unpatched when initially published. Workarounds or hotfixes may offer interim remediation until an official patch or upgrade is issued. Each of these respective stages adjusts the temporal score downwards, reflecting the decreasing urgency as remediation becomes final.">
25
25
  Remediation Level (RL)
26
- </h3>
26
+ </h5>
27
27
 
28
28
  <%= hidden_field_tag :rl, @cvss_vector['RL'] %>
29
29
 
30
- <div class="btn-group" data-toggle="buttons-radio">
31
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['RL'] == 'X' %>" name="rl" value="X" title="(X) Assigning this value to the metric will not influence the score.">Not Defined <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
30
+ <div class="btn-group mb-4" data-toggle="buttons-radio">
31
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['RL'] == 'X' %>" name="rl" value="X" data-label="Not Defined" title="(X) Assigning this value to the metric will not influence the score.">Not Defined <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
32
32
 
33
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['RL'] == 'O' %>" name="rl" value="O" title="(O) A complete vendor solution is available. Either the vendor has issued an official patch, or an upgrade is available.">Official Fix <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
33
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['RL'] == 'O' %>" name="rl" value="O" data-label="Official Fix" title="(O) A complete vendor solution is available. Either the vendor has issued an official patch, or an upgrade is available.">Official Fix <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
34
34
 
35
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['RL'] == 'T' %>" name="rl" value="T" title="(T) There is an official but temporary fix available. This includes instances where the vendor issues a temporary hotfix, tool, or workaround.">Temporary Fix <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
35
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['RL'] == 'T' %>" name="rl" value="T" data-label="Temporary Fix" title="(T) There is an official but temporary fix available. This includes instances where the vendor issues a temporary hotfix, tool, or workaround.">Temporary Fix <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
36
36
 
37
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['RL'] == 'W' %>" name="rl" value="W" title="(W) There is an unofficial, non-vendor solution available. In some cases, users of the affected technology will create a patch of their own or provide steps to work around or otherwise mitigate the vulnerability.">Workaround <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
37
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['RL'] == 'W' %>" name="rl" value="W" data-label="Workaround" title="(W) There is an unofficial, non-vendor solution available. In some cases, users of the affected technology will create a patch of their own or provide steps to work around or otherwise mitigate the vulnerability.">Workaround <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
38
38
 
39
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['RL'] == 'U' %>" name="rl" value="U" title="(U) There is either no solution available or it is impossible to apply.">Unavailable <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
39
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['RL'] == 'U' %>" name="rl" value="U" data-label="Unavailable" title="(U) There is either no solution available or it is impossible to apply.">Unavailable <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
40
40
  </div>
41
41
  </div>
42
42
 
43
43
  <div class="inner">
44
- <h3 title="This metric measures the degree of confidence in the existence of the vulnerability and the credibility of the known technical details. Sometimes only the existence of vulnerabilities are publicized, but without specific details. For example, an impact may be recognized as undesirable, but the root cause may not be known. The vulnerability may later be corroborated by research which suggests where the vulnerability may lie, though the research may not be certain. Finally, a vulnerability may be confirmed through acknowledgement by the author or vendor of the affected technology. The urgency of a vulnerability is higher when a vulnerability is known to exist with certainty. This metric also suggests the level of technical knowledge available to would-be attackers.">
44
+ <h5 class="header-underline mt-0" title="This metric measures the degree of confidence in the existence of the vulnerability and the credibility of the known technical details. Sometimes only the existence of vulnerabilities are publicized, but without specific details. For example, an impact may be recognized as undesirable, but the root cause may not be known. The vulnerability may later be corroborated by research which suggests where the vulnerability may lie, though the research may not be certain. Finally, a vulnerability may be confirmed through acknowledgement by the author or vendor of the affected technology. The urgency of a vulnerability is higher when a vulnerability is known to exist with certainty. This metric also suggests the level of technical knowledge available to would-be attackers.">
45
45
  Report Confidence (RC)
46
- </h3>
46
+ </h5>
47
47
 
48
48
  <%= hidden_field_tag :rc, @cvss_vector['RC'] %>
49
49
 
50
- <div class="btn-group" data-toggle="buttons-radio">
51
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['RC'] == 'X' %>" name="rc" value="X" title="(X) Assigning this value to the metric will not influence the score.">Not Defined <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
50
+ <div class="btn-group mb-4" data-toggle="buttons-radio">
51
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['RC'] == 'X' %>" name="rc" value="X" data-label="Not Defined" title="(X) Assigning this value to the metric will not influence the score.">Not Defined <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
52
52
 
53
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['RC'] == 'U' %>" name="rc" value="U" title="(U) There are reports of impacts that indicate a vulnerability is present. The reports indicate that the cause of the vulnerability is unknown, or reports may differ on the cause or impacts of the vulnerability. Reporters are uncertain of the true nature of the vulnerability, and there is little confidence in the validity of the reports or whether a static Base score can be applied given the differences described. An example is a bug report which notes that an intermittent but non-reproducible crash occurs, with evidence of memory corruption suggesting that denial of service, or possible more serious impacts, may result.">Unknown <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
53
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['RC'] == 'U' %>" name="rc" value="U" data-label="Unknown" title="(U) There are reports of impacts that indicate a vulnerability is present. The reports indicate that the cause of the vulnerability is unknown, or reports may differ on the cause or impacts of the vulnerability. Reporters are uncertain of the true nature of the vulnerability, and there is little confidence in the validity of the reports or whether a static Base score can be applied given the differences described. An example is a bug report which notes that an intermittent but non-reproducible crash occurs, with evidence of memory corruption suggesting that denial of service, or possible more serious impacts, may result.">Unknown <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
54
54
 
55
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['RC'] == 'R' %>" name="rc" value="R" title="(R) Significant details are published, but researchers either do not have full confidence in the root cause, or do not have access to source code to fully confirm all of the interactions that may lead to the result. Reasonable confidence exists, however, that the bug is reproducible and at least one impact is able to be verified (Proof-of-concept exploits may provide this). An example is a detailed write-up of research into a vulnerability with an explanation (possibly obfuscated or 'left as an exercise to the reader') that gives assurances on how to reproduce the results.">Reasonable <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
55
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['RC'] == 'R' %>" name="rc" value="R" data-label="Reasonable" title="(R) Significant details are published, but researchers either do not have full confidence in the root cause, or do not have access to source code to fully confirm all of the interactions that may lead to the result. Reasonable confidence exists, however, that the bug is reproducible and at least one impact is able to be verified (Proof-of-concept exploits may provide this). An example is a detailed write-up of research into a vulnerability with an explanation (possibly obfuscated or 'left as an exercise to the reader') that gives assurances on how to reproduce the results.">Reasonable <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
56
56
 
57
- <button type="button" class="btn btn-med<%= ' active btn-primary' if @cvss_vector['RC'] == 'C' %>" name="rc" value="C" title="(C) Detailed reports exist, or functional reproduction is possible (functional exploits may provide this). Source code is available to independently verify the assertions of the research, or the author or vendor of the affected code has confirmed the presence of the vulnerability.">Confirmed <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
57
+ <button type="button" class="btn <%= 'active btn-primary' if @cvss_vector['RC'] == 'C' %>" name="rc" value="C" data-label="Confirmed" title="(C) Detailed reports exist, or functional reproduction is possible (functional exploits may provide this). Source code is available to independently verify the assertions of the research, or the author or vendor of the affected code has confirmed the presence of the vulnerability.">Confirmed <i class="fa fa-question-circle-o" aria-hidden="true"></i></button>
58
58
  </div>
59
59
 
60
60
  </div>
@@ -4,11 +4,10 @@
4
4
 
5
5
  <p class="lead">Use this page to calculate the <abbr title="Common Vulnerability Scoring System">CVSS</abbr> score of a given finding.</p>
6
6
 
7
- <p class="alert alert-error text-error hide" data-behavior="cvss-error"></p>
8
-
7
+ <p class="alert alert-danger d-none" data-behavior="cvss-error"></p>
9
8
 
10
9
  <div class="row">
11
- <div class="span8">
10
+ <div class="col-8">
12
11
 
13
12
  <h2 title="The Base Metric group represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Determine the vulnerable component and score Attack Vector, Attack Complexity, Privileges Required and User Interaction relative to this.">
14
13
  Base: <span id="base-score">0</span>
@@ -26,8 +25,8 @@
26
25
  <%= render 'dradis/plugins/calculators/cvss/base/environmental' %>
27
26
  </div>
28
27
 
29
- <div class="span4">
30
- <textarea name="cvss_fields" rows="52" style="width:100%">#[CVSSv3.Vector]#
28
+ <div class="col-4">
29
+ <textarea name="cvss_fields" rows="52" class="form-control" style="width:100%">#[CVSSv3.Vector]#
31
30
  N/A
32
31
 
33
32
  #[CVSSv3.BaseScore]#
@@ -56,8 +55,24 @@ N/A
56
55
  #[CVSSv3.BaseConfidentiality]#
57
56
  #[CVSSv3.BaseIntegrity]#
58
57
  #[CVSSv3.BaseAvailability]#
58
+
59
+ #[CVSSv3.TemporalExploitCodeMaturity]#
60
+ #[CVSSv3.TemporalRemediationLevel]#
61
+ #[CVSSv3.TemporalReportConfidence]#
62
+
59
63
  #[CVSSv3.EnvironmentalConfidentialityRequirement]#
60
64
  #[CVSSv3.EnvironmentalIntegrityRequirement]#
65
+ #[CVSSv3.EnvironmentalAvailabilityRequirement]#
66
+
67
+ #[CVSSv3.ModifiedAttackVector]#
68
+ #[CVSSv3.ModifiedAttackComplexity]#
69
+ #[CVSSv3.ModifiedPrivilegesRequired]#
70
+ #[CVSSv3.ModifiedUserInteraction]#
71
+ #[CVSSv3.ModifiedScope]#
72
+ #[CVSSv3.ModifiedConfidentiality]#
73
+ #[CVSSv3.ModifiedIntegrity]#
74
+ #[CVSSv3.ModifiedAvailability]#
75
+
61
76
 
62
77
  </textarea>
63
78
  </div>
@@ -1,14 +1,13 @@
1
1
  <div class="tab-pane" id="cvss-tab">
2
2
  <div class="inner">
3
- <h3>CVSSv3 Risk Scoring -
3
+ <h4 class="header-underline">CVSSv3 Risk Scoring -
4
4
  <span class="actions">
5
- <%= link_to cvss_calculator.cvss_project_issue_path(current_project, @issue),
6
- class: 'action-link' do %>
5
+ <%= link_to cvss_calculator.cvss_project_issue_path(current_project, @issue) do %>
7
6
  <i class="fa fa-pencil"></i> Edit
8
7
  <% end %>
9
- </h3>
8
+ </h4>
10
9
 
11
- <div class="content-textile">
10
+ <div class="mb-4 content-textile">
12
11
  <%=
13
12
  markup(
14
13
  @issue.fields
@@ -1 +1,3 @@
1
- <li><a href="#cvss-tab" data-toggle="tab"><i class="fa fa-calculator"></i> CVSSv3</a></li>
1
+ <li class="nav-item">
2
+ <a href="#cvss-tab" data-toggle="tab" class="nav-link"><i class="fa fa-calculator"></i> CVSSv3</a>
3
+ </li>
@@ -4,75 +4,100 @@
4
4
  <%= render 'issues/sidebar'%>
5
5
  <% end %>
6
6
 
7
- <div id="issues_editor">
8
- <div class="inner note-text-inner">
9
- <h3>Edit CVSSv3 Risk Scoring</h3>
10
-
11
- <%= simple_form_for [:cvss, current_project, @issue] do |f| %>
12
-
13
- <div class="alert alert-error text-error hide" data-behavior="cvss-error">
14
- <p><strong>Warning</strong>: all Base metrics are required</p>
15
- </div>
16
- <br/>
17
-
18
- <ul class="nav nav-pills" id="cvss-tabs">
19
- <li class="active"><a href="#cvss-edit-base" data-toggle="tab">Base: <span id="base-score">0</span></a></li>
20
- <li><a href="#cvss-edit-temporal" data-toggle="tab">Temporal: <span id="temporal-score">0</span></a></li>
21
- <li><a href="#cvss-edit-environmental" data-toggle="tab">Environmental: <span id="environmental-score">0</span></a></li>
22
- <li class="pull-right"><a href="#cvss-edit-result" data-toggle="tab">Result</a></li>
23
- </ul>
24
-
25
- <div class="tab-content">
26
- <div class="tab-pane active" id="cvss-edit-base">
27
- <%= render 'dradis/plugins/calculators/cvss/base/base' %>
28
- </div>
29
- <div class="tab-pane" id="cvss-edit-temporal">
30
- <%= render 'dradis/plugins/calculators/cvss/base/temporal' %>
31
- </div>
32
- <div class="tab-pane" id="cvss-edit-environmental">
33
- <%= render 'dradis/plugins/calculators/cvss/base/environmental' %>
7
+ <div class="content-container">
8
+ <h4 class="header-underline">Edit CVSSv3 Risk Scoring</h4>
9
+ <div id="issues_editor">
10
+ <div class="inner note-text-inner">
11
+
12
+ <%= simple_form_for [:cvss, current_project, @issue] do |f| %>
13
+
14
+ <div class="alert alert-error text-error" data-behavior="cvss-error">
15
+ <p><strong>Warning</strong>: all Base metrics are required</p>
34
16
  </div>
35
17
 
36
- <div class="tab-pane" id="cvss-edit-result">
37
- <textarea name="cvss_fields" rows="10" style="width:95%">#[CVSSv3.Vector]#
38
- N/A
18
+ <ul class="nav nav-pills w-100" id="cvss-tabs">
19
+ <li class="nav-item">
20
+ <a href="#cvss-edit-base" data-toggle="pill" class="nav-link active">Base: <span id="base-score">0</span></a>
21
+ </li>
22
+ <li class="nav-item">
23
+ <a href="#cvss-edit-temporal" data-toggle="pill" class="nav-link">Temporal: <span id="temporal-score">0</span></a>
24
+ </li>
25
+ <li class="nav-item">
26
+ <a href="#cvss-edit-environmental" data-toggle="pill" class="nav-link">Environmental: <span id="environmental-score">0</span></a>
27
+ </li>
28
+ <li class="nav-item pull-right">
29
+ <a href="#cvss-edit-result" data-toggle="pill" class="nav-link">Result</a>
30
+ </li>
31
+ </ul>
32
+
33
+ <div class="tab-content mt-4">
34
+ <div class="tab-pane active" id="cvss-edit-base">
35
+ <%= render 'dradis/plugins/calculators/cvss/base/base' %>
36
+ </div>
37
+ <div class="tab-pane" id="cvss-edit-temporal">
38
+ <%= render 'dradis/plugins/calculators/cvss/base/temporal' %>
39
+ </div>
40
+ <div class="tab-pane" id="cvss-edit-environmental">
41
+ <%= render 'dradis/plugins/calculators/cvss/base/environmental' %>
42
+ </div>
43
+
44
+ <div class="tab-pane" id="cvss-edit-result">
45
+ <textarea class="form-control" name="cvss_fields" rows="10" style="width:95%">#[CVSSv3.Vector]#
46
+ N/A
39
47
 
40
- #[CVSSv3.BaseScore]#
41
- N/A
48
+ #[CVSSv3.BaseScore]#
49
+ N/A
42
50
 
43
- #[CVSSv3.BaseSeverity]#
44
- N/A
51
+ #[CVSSv3.BaseSeverity]#
52
+ N/A
45
53
 
46
- #[CVSSv3.TemporalScore]#
47
- N/A
54
+ #[CVSSv3.TemporalScore]#
55
+ N/A
48
56
 
49
- #[CVSSv3.TemporalSeverity]#
50
- N/A
57
+ #[CVSSv3.TemporalSeverity]#
58
+ N/A
51
59
 
52
- #[CVSSv3.EnvironmentalScore]#
53
- N/A
60
+ #[CVSSv3.EnvironmentalScore]#
61
+ N/A
54
62
 
55
- #[CVSSv3.EnvironmentalSeverity]#
56
- N/A
63
+ #[CVSSv3.EnvironmentalSeverity]#
64
+ N/A
57
65
 
58
- #[CVSSv3.BaseAttackVector]#
59
- #[CVSSv3.BaseAttackComplexity]#
60
- #[CVSSv3.BasePrivilegesRequired]#
61
- #[CVSSv3.BaseUserInteraction]#
62
- #[CVSSv3.BaseScope]#
63
- #[CVSSv3.BaseConfidentiality]#
64
- #[CVSSv3.BaseIntegrity]#
65
- #[CVSSv3.BaseAvailability]#
66
- #[CVSSv3.EnvironmentalConfidentialityRequirement]#
67
- #[CVSSv3.EnvironmentalIntegrityRequirement]#
68
- </textarea>
66
+ #[CVSSv3.BaseAttackVector]#
67
+ #[CVSSv3.BaseAttackComplexity]#
68
+ #[CVSSv3.BasePrivilegesRequired]#
69
+ #[CVSSv3.BaseUserInteraction]#
70
+ #[CVSSv3.BaseScope]#
71
+ #[CVSSv3.BaseConfidentiality]#
72
+ #[CVSSv3.BaseIntegrity]#
73
+ #[CVSSv3.BaseAvailability]#
74
+
75
+ #[CVSSv3.TemporalExploitCodeMaturity]#
76
+ #[CVSSv3.TemporalRemediationLevel]#
77
+ #[CVSSv3.TemporalReportConfidence]#
78
+
79
+ #[CVSSv3.EnvironmentalConfidentialityRequirement]#
80
+ #[CVSSv3.EnvironmentalIntegrityRequirement]#
81
+ #[CVSSv3.EnvironmentalAvailabilityRequirement]#
82
+
83
+ #[CVSSv3.ModifiedAttackVector]#
84
+ #[CVSSv3.ModifiedAttackComplexity]#
85
+ #[CVSSv3.ModifiedPrivilegesRequired]#
86
+ #[CVSSv3.ModifiedUserInteraction]#
87
+ #[CVSSv3.ModifiedScope]#
88
+ #[CVSSv3.ModifiedConfidentiality]#
89
+ #[CVSSv3.ModifiedIntegrity]#
90
+ #[CVSSv3.ModifiedAvailability]#
91
+
92
+ </textarea>
93
+ </div>
69
94
  </div>
70
- </div>
71
95
 
72
- <div class="form-actions">
73
- <%= f.button :submit, nil, class: 'btn btn-primary' %> or
74
- <%= link_to 'Cancel', main_app.project_issue_path(current_project, @issue), class: 'cancel-link' %>
75
- </div>
76
- <% end %>
96
+ <div class="form-actions">
97
+ <%= f.button :submit, nil, class: 'btn btn-primary' %> or
98
+ <%= link_to 'Cancel', main_app.project_issue_path(current_project, @issue), class: 'cancel-link' %>
99
+ </div>
100
+ <% end %>
101
+ </div>
77
102
  </div>
78
103
  </div>
@@ -10,18 +10,16 @@
10
10
  </head>
11
11
  <body class="authenticated">
12
12
  <div class="container">
13
- <div class="navbar">
14
- <div class="navbar-inner">
15
- <a href="javascript:void(0)" class="brand">CVSS score calculator</a>
16
- <ul class="nav pull-right">
17
- <li>
18
- <%= link_to main_app.root_path do %>
19
- Back to the app &rarr;
20
- <% end %>
21
- </li>
22
- </ul>
23
- </div>
24
- </div>
13
+ <nav class="navbar navbar-light bg-light">
14
+ <a href="javascript:void(0)" class="navbar-brand">CVSS score calculator</a>
15
+ <ul class="navbar-nav pull-right">
16
+ <li class="nav-item">
17
+ <%= link_to main_app.root_path, class: 'nav-link' do %>
18
+ Back to the app &rarr;
19
+ <% end %>
20
+ </li>
21
+ </ul>
22
+ </nav>
25
23
 
26
24
  <%= yield%>
27
25
  </div>
@@ -9,7 +9,7 @@ module Dradis
9
9
 
10
10
  module VERSION
11
11
  MAJOR = 3
12
- MINOR = 14
12
+ MINOR = 19
13
13
  TINY = 0
14
14
  PRE = nil
15
15
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dradis-calculator_cvss
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.14.0
4
+ version: 3.19.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Daniel Martin
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-08-13 00:00:00.000000000 Z
11
+ date: 2020-09-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dradis-plugins
@@ -69,8 +69,8 @@ files:
69
69
  - README.md
70
70
  - Rakefile
71
71
  - app/assets/javascripts/dradis/plugins/calculators/cvss/calculator.js.coffee
72
- - app/assets/javascripts/dradis/plugins/calculators/cvss/manifests/application.js.coffee
73
- - app/assets/javascripts/dradis/plugins/calculators/cvss/manifests/snowcrash.js.coffee
72
+ - app/assets/javascripts/dradis/plugins/calculators/cvss/manifests/application.js
73
+ - app/assets/javascripts/dradis/plugins/calculators/cvss/manifests/tylium.js
74
74
  - app/assets/javascripts/dradis/plugins/calculators/cvss/vendor/cvsscalc30.js
75
75
  - app/assets/stylesheets/dradis/plugins/calculators/cvss/manifests/application.css.scss
76
76
  - app/controllers/dradis/plugins/calculators/cvss/base_controller.rb
@@ -111,7 +111,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
111
111
  - !ruby/object:Gem::Version
112
112
  version: '0'
113
113
  requirements: []
114
- rubygems_version: 3.0.3
114
+ rubygems_version: 3.0.1
115
115
  signing_key:
116
116
  specification_version: 4
117
117
  summary: This plugin adds a CVSSv3 score calculator to Dradis.