dradis-netsparker 3.10.0 → 3.11.0

data/templates/issue.fields

@@ -1,3 +1,4 @@
+issue.actions_to_take
 issue.certainty
 issue.classification_capec
 issue.classification_cvss_vector
@@ -15,7 +16,12 @@ issue.classification_pci31
 issue.classification_pci32
 issue.classification_wasc
 issue.description
+issue.external_references
+issue.extrainformation
+issue.impact
 issue.remedy
+issue.remedy_references
+issue.required_skills_for_exploitation
 issue.severity
 issue.title
 issue.type

data/templates/issue.sample

@@ -4,7 +4,13 @@
   <severity>Information</severity>
   <certainty>100</certainty>
   ​<description><![CDATA[<p>Netsparker detected a missing <code>X-XSS-Protection</code> header which means that this website could be at risk of a Cross-site Scripting (XSS) attacks.</p>]]></description>
+  <impact><![CDATA[ <div>;This issue is reported as additional information only. There is no direct impact arising from this issue.</div> ]]></impact>
+  <actionsToTake><![CDATA[Placeholder Actions to Take for plugin manager configuration]]></actionsToTake>
   <remedy><![CDATA[<div>Add the X-XSS-Protection header with a value of "1; mode= block".<ul><li><pre class="code">X-XSS-Protection: 1; mode=block</pre></li></ul></div>]]></remedy>
+  <requiredSkillsForExploitation><![CDATA[ Placeholder Required Skills for Exploitation for Plugin Manager configuration ]]></requiredSkillsForExploitation>
+  <externalReferences><![CDATA[ <div><ul><li><a href='https://msdn.microsoft.com/en-us/library/cc288472(VS.85).aspx#_replace'>MSDN - Internet Explorer 8 Security Features</a></li><li><a href='https://blogs.msdn.com/b/ie/archive/2008/07/01/ie8-security-part-iv-the-xss-filter.aspx'>Internet Explorer 8 XSS Filter</a></li></ul></div> ]]></externalReferences>
+  <remedyReferences><![CDATA[ Placeholder Remedy References for Plugin Manager configuration ]]></remedyReferences>
+  <proofOfConcept><![CDATA[ Placeholder Proof of Concept for Plugin Manager configuration ]]></proofOfConcept>
 
   <rawrequest><![CDATA[GET /javascripts/responsive.js HTTP/1.1
 Host: test.testlab.com:3000
@@ -36,7 +42,10 @@ function openFlyout() {
   });
 }
 ]]></rawresponse>
-  <extrainformation></extrainformation>
+  <extrainformation>
+    <info name="Example Name"><![CDATA[SESSIONID]]></info>
+  </extrainformation>
+
 
   <proofs></proofs>
 

data/templates/issue.template

@@ -12,4 +12,3 @@
 
 #[Remedy]#
 %issue.remedy%
-

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-netsparker
 version: !ruby/object:Gem::Version
-  version: 3.10.0
+  version: 3.11.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-08-31 00:00:00.000000000 Z
+date: 2018-11-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -123,6 +123,7 @@ files:
 - spec/fixtures/files/example-evidence.xml
 - spec/fixtures/files/example.xml
 - spec/fixtures/files/netsparker-localhost-demo.xml
+- spec/fixtures/files/testsparker.xml
 - spec/spec_helper.rb
 - templates/evidence.fields
 - templates/evidence.sample
@@ -150,7 +151,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.8
+rubygems_version: 2.6.12
 signing_key: 
 specification_version: 4
 summary: Netsparker add-on for the Dradis Framework.
@@ -159,4 +160,5 @@ test_files:
 - spec/fixtures/files/example-evidence.xml
 - spec/fixtures/files/example.xml
 - spec/fixtures/files/netsparker-localhost-demo.xml
+- spec/fixtures/files/testsparker.xml
 - spec/spec_helper.rb