aboutsummaryrefslogtreecommitdiffstats
path: root/server/sonar-web/src/main/js/helpers/standards.json
diff options
context:
space:
mode:
authorWouter Admiraal <wouter.admiraal@sonarsource.com>2019-04-17 15:33:26 +0200
committersonartech <sonartech@sonarsource.com>2019-05-07 09:54:27 +0200
commit378fa0ac1a561bcd9d0c5f2e063a9c4ea17a0511 (patch)
tree608eac38ca66321dd85f5101d2964008306964a0 /server/sonar-web/src/main/js/helpers/standards.json
parent699a47b373815a9cf368e287b343d151f5fc0a59 (diff)
downloadsonarqube-378fa0ac1a561bcd9d0c5f2e063a9c4ea17a0511.tar.gz
sonarqube-378fa0ac1a561bcd9d0c5f2e063a9c4ea17a0511.zip
SONAR-11983 Create a new 'SonarSource' security report page
Diffstat (limited to 'server/sonar-web/src/main/js/helpers/standards.json')
-rw-r--r--server/sonar-web/src/main/js/helpers/standards.json68
1 files changed, 66 insertions, 2 deletions
diff --git a/server/sonar-web/src/main/js/helpers/standards.json b/server/sonar-web/src/main/js/helpers/standards.json
index f2d32e1715b..051fc01038d 100644
--- a/server/sonar-web/src/main/js/helpers/standards.json
+++ b/server/sonar-web/src/main/js/helpers/standards.json
@@ -3619,8 +3619,72 @@
},
"99": {
"title": "Improper Control of Resource Identifiers ('Resource Injection')",
- "description":
- "The software receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control."
+ "description": "The software receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control."
+ }
+ },
+ "sonarsourceSecurity": {
+ "sql-injection": {
+ "title": "SQL Injection"
+ },
+ "rce": {
+ "title": "Code Injection (RCE)"
+ },
+ "object-injection": {
+ "title": "Object Injection"
+ },
+ "command-injection": {
+ "title": "Command Injection"
+ },
+ "path-traversal-injection": {
+ "title": "Path Traversal Injection"
+ },
+ "ldap-injection": {
+ "title": "LDAP Injection"
+ },
+ "xpath-injection": {
+ "title": "XPath Injection"
+ },
+ "expression-lang-injection": {
+ "title": "Expression Language Injection"
+ },
+ "log-injection": {
+ "title": "Log Injection"
+ },
+ "xxe": {
+ "title": "XML External Entity (XXE)"
+ },
+ "xss": {
+ "title": "Cross-Site Scripting (XSS)"
+ },
+ "dos": {
+ "title": "Denial of Service (DoS)"
+ },
+ "ssrf": {
+ "title": "Server-Side Request Forgery (SSRF)"
+ },
+ "csrf": {
+ "title": "Cross-Site Request Forgery (CSRF)"
+ },
+ "http-response-splitting": {
+ "title": "HTTP Response Splitting"
+ },
+ "open-redirect": {
+ "title": "Open Redirect"
+ },
+ "weak-cryptography": {
+ "title": "Weak Cryptography"
+ },
+ "auth": {
+ "title": "Authentication"
+ },
+ "insecure-conf": {
+ "title": "Insecure Configuration"
+ },
+ "file-manipulation": {
+ "title": "File Manipulation"
+ },
+ "others": {
+ "title": "Others"
}
}
}