=== on 19 Sep 2014, 13:35:26 Freddy Mallet wrote:
@Ann:

* I would activate this rule by default because I don't see when this rule might generate some false-positives
* I would associate the rule to the SQALE sub-characteristic "Error"
* I guess this rule belongs to OWASP Top 10 ?

=== on 22 Sep 2014, 11:44:56 Ann Campbell wrote:
For the record: not in the OWASP Top 10

=== on 12 Dec 2014, 21:26:02 Sébastien Gioria wrote:
as the result could be to stackTrace or information reply on the browser, we could consider this issue in OWASP-TOP10-A6

=== on 15 Dec 2014, 10:22:03 Freddy Mallet wrote:
This is a good point [~sebastien.gioria] which raises another question: for the time being we tag a rule relating to a CWE item with tag "owasp-top10" if and only if in the MITRE CWE referential, this CWE item is part of http://cwe.mitre.org/data/definitions/928.html[CWE-928: Weaknesses in OWASP Top Ten (2013)]. Do you think this is a too strong requirement [~sebastien.gioria] ?

=== on 20 Jul 2015, 07:49:37 Ann Campbell wrote:
Tagged java-top by Ann

=== on 13 Nov 2019, 15:06:56 Guillaume Dequenne wrote:
Updating the message to explicitly mention which unhandled exception type triggered the issue (as the method invocation could already be in a try/catch block without a correct catch clause).