diff options
| author | Pascal Mugnier <pascal.mugnier@sonarsource.com> | 2018-07-10 13:12:50 +0200 |
|---|---|---|
| committer | SonarTech <sonartech@sonarsource.com> | 2018-07-17 20:21:25 +0200 |
| commit | 645ffc5c8a0b18ae2d24debc4a50844c2b909395 (patch) | |
| tree | cd1ccc0490b16066414a9815b658d0495b5cc5e7 /server/sonar-web/src/main/js/helpers/standards.json | |
| parent | 5069a9f3a9e1a675ccc929e92d58412eb3641015 (diff) | |
| download | sonarqube-645ffc5c8a0b18ae2d24debc4a50844c2b909395.tar.gz sonarqube-645ffc5c8a0b18ae2d24debc4a50844c2b909395.zip | |
Add security hotspots page (#478)
Diffstat (limited to 'server/sonar-web/src/main/js/helpers/standards.json')
| -rw-r--r-- | server/sonar-web/src/main/js/helpers/standards.json | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/server/sonar-web/src/main/js/helpers/standards.json b/server/sonar-web/src/main/js/helpers/standards.json index fca50b88517..cea1023329c 100644 --- a/server/sonar-web/src/main/js/helpers/standards.json +++ b/server/sonar-web/src/main/js/helpers/standards.json @@ -3,12 +3,12 @@ "a1": { "title": "Injection", "description": - "Injection flaws, such as SQL, NoSQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization." + "Injection flaws, such as SQL, NoSQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization." }, "a2": { "title": "Broken Authentication", "description": - "Application functions related to authentication and session management are often implemented incorrectly, allowing attackers to compromise passwords, keys, or session tokens, or to exploit other implementation flaws to assume other users’ identities temporarily or permanently." + "Application functions related to authentication and session management are often implemented incorrectly, allowing attackers to compromise passwords, keys, or session tokens, or to exploit other implementation flaws to assume other users’ identities temporarily or permanently." }, "a3": { "title": "Sensitive Data Exposure", @@ -23,7 +23,7 @@ "a5": { "title": "Broken Access Control", "description": - "Restrictions on what authenticated users are allowed to do are often not properly enforced. Attackers can exploit these flaws to access unauthorized functionality and/or data, such as access other users' accounts, view sensitive files, modify other users’ data, change access rights, etc." + "Restrictions on what authenticated users are allowed to do are often not properly enforced. Attackers can exploit these flaws to access unauthorized functionality and/or data, such as access other users' accounts, view sensitive files, modify other users’ data, change access rights, etc." }, "a6": { "title": "Security Misconfiguration", @@ -33,7 +33,7 @@ "a7": { "title": "Cross-Site Scripting (XSS)", "description": - "XSS flaws occur whenever an application includes untrusted data in a new web page without proper validation or escaping, or updates an existing web page with user-supplied data using a browser API that can create HTML or JavaScript. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites." + "XSS flaws occur whenever an application includes untrusted data in a new web page without proper validation or escaping, or updates an existing web page with user-supplied data using a browser API that can create HTML or JavaScript. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites." }, "a8": { "title": "Insecure Deserialization", |