Open preetkaran20 opened 3 years ago
@hemantgs please share your thoughts
This is one such level where it is important for Scanners but not for Students: https://github.com/SasanLabs/VulnerableApp/blob/526ba97935777586c4762a38ea4af8213229448e/src/main/java/org/sasanlabs/service/vulnerability/jwt/JWTVulnerability.java#L404
we can have some kind of indicator in the UI to depict the level.
Is your feature request related to a problem? Please describe. While i was creating a new Vulnerability level for Persistent XSS which is based on PathParam instead of QueryParam from learning prespective both are almost same but from scanner point of view they are quite different so we need a way to segregate both using some kind of annotation or add an attribute to
VulnerableAppRequestMapping
. Both have pros and cons as if new annotation is added we might forget to add that annotation and if we make it as an attribute then already there are so many attributes which makes the annotation complex.Need to think more.