-
I'm just trying to wire this plugin up for the first time so may be doing something wrong, but...
My ESLint annotations come through, but my RSpec ones fail with the following output:
```
$ bui…
-
90% of breaches start via Phishing. This is aided if an attacker can successfully spoof a legitimate domain.
Email Spoofing (On the primary email domain) is currently listed as a P3, but missing DM…
-
This is an oddball. / redirects to jetblog.jet.com, however, x.jet.com also has a WordPress installation. I can't make wpscan understand that a site is there, however.
Trying:
```ruby bin/wpscan …
sullo updated
5 years ago
-
While you can pin the version of the plugin in `pipeline.yml`, the plugin just pulls the latest version of the `plugin-linter` docker image. This can cause builds to fail under your feet if something …
-
The _Development Guide_ link on https://bugcrowd.com/freedomofpress points to https://docs.securedrop.org/en/latest/development/getting_started.html which returns a 404.
![image](https://user-image…
-
I have created a brittle method to determine the validity of a `cvss_string`. I would prefer to catch a specific error class raised by `CvssSuite` so that I do not have to rely on the error string as…
-
The VRT includes a number of intentionally-limited entries designated as `varies` due to both the technical and policy-based context necessary to prioritize. I believe we have an opportunity to clarif…
-
My proposed change is to add an entry for "Broken Authentication and Session Management"->"Second Factor Authentication Bypass". I also feel as if a P2~P3 priority aligns well with that entry.
As a …
-
Where does blind xss fall? I can't figure it out. I think it is at least P3 but that is open to discussion.
-
At the moment there's no difference between Flash-based Reflected XSS and classic Reflected XSS; they're all considered P3 bugs according to the current VRT version.
IMHO, considering Flash-based X…