ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S6362/see.adoc

11 lines
783 B
Plaintext
Raw Normal View History

Create rule S6362: Enabling JavaScript support for WebViews is security-sensitive (#433)
2021-10-12 09:46:11 +02:00
== See
Modify CWE and OWASP Top 10 links to follow standard link format (APPSEC-1134) (#3529) * Fix all CWE references * Fix all OWASP references * Fix missing CWE prefixes
2024-01-15 17:15:56 +01:00
* OWASP - https://owasp.org/Top10/A03_2021-Injection/[Top 10 2021 Category A3 - Injection]
* OWASP - https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration[Top 10 2017 Category A6 - Security Misconfiguration]
* OWASP - https://owasp.org/www-project-top-ten/2017/A7_2017-Cross-Site_Scripting_(XSS)[Top 10 2017 Category A7 - Cross-Site Scripting (XSS)]
Update security rules: add OWASP Mobile Top 10 2024 security standard (APPSEC-2383) (#4660)
2025-02-19 17:19:00 +01:00
* OWASP - https://owasp.org/www-project-mobile-top-10/2023-risks/m8-security-misconfiguration[Mobile Top 10 2024 Category M8 - Security Misconfiguration]
Modify CWE and OWASP Top 10 links to follow standard link format (APPSEC-1134) (#3529) * Fix all CWE references * Fix all OWASP references * Fix missing CWE prefixes
2024-01-15 17:15:56 +01:00
* CWE - https://cwe.mitre.org/data/definitions/79[CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')]
Update rule S7409: Clarify rule title and rule text (SONARKT-637) (#4826) * Update rule title and text according to previous discussion * Fix typo * Add references to S6362 and S7409 in both rules' descriptions
2025-03-28 13:55:14 +01:00
=== Related rules
* S7409 - Exposing Java objects through JavaScript interfaces is security-sensitive
Reference in New Issue Copy Permalink