rspec/rules/S6384/common/resources/standards.adoc

=== Standards

* OWASP - https://mas.owasp.org/checklists/MASVS-PLATFORM/[Mobile AppSec Verification Standard - Platform Interaction Requirements]
* OWASP - https://owasp.org/www-project-mobile-top-10/2016-risks/m1-improper-platform-usage[Mobile Top 10 2016 Category M1 - Improper Platform Usage]
* OWASP - https://owasp.org/www-project-mobile-top-10/2023-risks/m4-insufficient-input-output-validation[Mobile Top 10 2024 Category M4 - Insufficient Input/Output Validation]
* CWE - https://cwe.mitre.org/data/definitions/20[CWE-20 - Improper Input Validation]
* STIG Viewer - https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222609[Application Security and Development: V-222609] - The application must not be subject to input handling vulnerabilities.
Modify rule S6384: Change text to the progressive education format (APPSEC-424) (#1535) 2023-02-03 16:54:18 +01:00			`=== Standards`
Create rule S6384[Java]: Components should not be vulnerable to intent redirection (#597) * Create rule S6384 * init rule s6384 Co-authored-by: eric-therond-sonarsource <eric-therond-sonarsource@users.noreply.github.com> Co-authored-by: eric-therond-sonarsource <eric.therond@sonarsource.com> Co-authored-by: Roberto Orlandi <71495874+roberto-orlandi-sonarsource@users.noreply.github.com> 2022-01-12 08:09:15 +01:00
Update URLs to point to mas.owasp.org (#4126) 2024-08-08 09:50:21 +02:00			`* OWASP - https://mas.owasp.org/checklists/MASVS-PLATFORM/[Mobile AppSec Verification Standard - Platform Interaction Requirements]`
Modify CWE and OWASP Top 10 links to follow standard link format (APPSEC-1134) (#3529) * Fix all CWE references * Fix all OWASP references * Fix missing CWE prefixes 2024-01-15 17:15:56 +01:00			`* OWASP - https://owasp.org/www-project-mobile-top-10/2016-risks/m1-improper-platform-usage[Mobile Top 10 2016 Category M1 - Improper Platform Usage]`
Update security rules: add OWASP Mobile Top 10 2024 security standard (APPSEC-2383) (#4660) 2025-02-19 17:19:00 +01:00			`* OWASP - https://owasp.org/www-project-mobile-top-10/2023-risks/m4-insufficient-input-output-validation[Mobile Top 10 2024 Category M4 - Insufficient Input/Output Validation]`
Modify rules: Add STIG AS&D 2023-06-08 mappings (#3914) * Update JSON schema to include STIG ASD 2023-06-08 mapping * Update rules to add STIG metadata mappings --------- Co-authored-by: Loris Sierra <loris.sierra@sonarsource.com> 2024-05-06 07:56:31 +01:00			`* CWE - https://cwe.mitre.org/data/definitions/20[CWE-20 - Improper Input Validation]`
			`* STIG Viewer - https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222609[Application Security and Development: V-222609] - The application must not be subject to input handling vulnerabilities.`