dradis-netsparker 3.10.0 → 3.11.0

@@ -1,3 +1,4 @@
1
+ issue.actions_to_take
1
2
  issue.certainty
2
3
  issue.classification_capec
3
4
  issue.classification_cvss_vector
@@ -15,7 +16,12 @@ issue.classification_pci31
15
16
  issue.classification_pci32
16
17
  issue.classification_wasc
17
18
  issue.description
19
+ issue.external_references
20
+ issue.extrainformation
21
+ issue.impact
18
22
  issue.remedy
23
+ issue.remedy_references
24
+ issue.required_skills_for_exploitation
19
25
  issue.severity
20
26
  issue.title
21
27
  issue.type
@@ -4,7 +4,13 @@
4
4
  <severity>Information</severity>
5
5
  <certainty>100</certainty>
6
6
  ​<description><![CDATA[<p>Netsparker detected a missing <code>X-XSS-Protection</code> header which means that this website could be at risk of a Cross-site Scripting (XSS) attacks.</p>]]></description>
7
+ <impact><![CDATA[ <div>;This issue is reported as additional information only. There is no direct impact arising from this issue.</div> ]]></impact>
8
+ <actionsToTake><![CDATA[Placeholder Actions to Take for plugin manager configuration]]></actionsToTake>
7
9
  <remedy><![CDATA[<div>Add the X-XSS-Protection header with a value of "1; mode= block".<ul><li><pre class="code">X-XSS-Protection: 1; mode=block</pre></li></ul></div>]]></remedy>
10
+ <requiredSkillsForExploitation><![CDATA[ Placeholder Required Skills for Exploitation for Plugin Manager configuration ]]></requiredSkillsForExploitation>
11
+ <externalReferences><![CDATA[ <div><ul><li><a href='https://msdn.microsoft.com/en-us/library/cc288472(VS.85).aspx#_replace'>MSDN - Internet Explorer 8 Security Features</a></li><li><a href='https://blogs.msdn.com/b/ie/archive/2008/07/01/ie8-security-part-iv-the-xss-filter.aspx'>Internet Explorer 8 XSS Filter</a></li></ul></div> ]]></externalReferences>
12
+ <remedyReferences><![CDATA[ Placeholder Remedy References for Plugin Manager configuration ]]></remedyReferences>
13
+ <proofOfConcept><![CDATA[ Placeholder Proof of Concept for Plugin Manager configuration ]]></proofOfConcept>
8
14
 
9
15
  <rawrequest><![CDATA[GET /javascripts/responsive.js HTTP/1.1
10
16
  Host: test.testlab.com:3000
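Review bot: The new `<impact>` and `<externalReferences>` sample values carry raw HTML inside CDATA (`<div>`, `<a href='…'>`), and nothing on this page shows how the importer cleans that markup before it reaches a Dradis issue field. The conversion code is outside this diff, so a spec against this fixture should assert that the mapped `issue.impact` and `issue.external_references` values contain no tags and that links come through as plain text. The `<impact>` sample also begins with `<div>;This issue`, where the stray `;` looks like the residue of a stripped entity; if it is not deliberate scanner output, use `<div>This issue is reported as additional information only.`. The sample adds `<proofOfConcept>` as well, while the field list in the first hunk on this page goes from `issue.impact` straight to `issue.remedy` with no proof-of-concept entry, so it is worth confirming where that value is exposed. The `<rawrequest>` CDATA block that closes this hunk continues beyond it.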
@@ -36,7 +42,10 @@ function openFlyout() {
36
42
  });
37
43
  }
38
44
  ]]></rawresponse>
39
- <extrainformation></extrainformation>
45
+ <extrainformation>
46
+ <info name="Example Name"><![CDATA[SESSIONID]]></info>
47
+ </extrainformation>
48
+
40
49
 
41
50
  <proofs></proofs>
42
51
 
@@ -12,4 +12,3 @@
12
12
 
13
13
  #[Remedy]#
14
14
  %issue.remedy%
15
-
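--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: dradis-netsparker
  version: !ruby/object:Gem::Version
- version: 3.10.0
+ version: 3.11.0
  platform: ruby
  authors:
  - Daniel Martin
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2018-08-31 00:00:00.000000000 Z
+ date: 2018-11-07 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: dradis-plugins
@@ -123,6 +123,7 @@ files:
  - spec/fixtures/files/example-evidence.xml
  - spec/fixtures/files/example.xml
  - spec/fixtures/files/netsparker-localhost-demo.xml
+ - spec/fixtures/files/testsparker.xml
  - spec/spec_helper.rb
  - templates/evidence.fields
  - templates/evidence.sample
@@ -150,7 +151,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.6.8
+ rubygems_version: 2.6.12
  signing_key:
  specification_version: 4
  summary: Netsparker add-on for the Dradis Framework.
@@ -159,4 +160,5 @@ test_files:
  - spec/fixtures/files/example-evidence.xml
  - spec/fixtures/files/example.xml
  - spec/fixtures/files/netsparker-localhost-demo.xml
+ - spec/fixtures/files/testsparker.xml
  - spec/spec_helper.rb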