factionsecurity / faction

Pen Test Report Generation and Assessment Collaboration
https://www.factionsecurity.com/
GNU General Public License v2.0
432 stars 31 forks source link

Unable to set Severity colors if inside ${fiBegin} / ${fiEnd} Block #43

Closed n13c closed 8 months ago

n13c commented 8 months ago

Hi, I am testing Version 1.1.25.2, self hosted.

I am trying to configure a report in a way that each vulnerability has its how heading, so far i was able to make it work using the following:

  1. Vulnerability List

${fiBegin}

1.1 ${vulnname} Table with vulnerability details using ${severity}, ${category}, ${desc}, etc...

${fiEnd}

It creates the vulnerabilities following the heading (1.1, 1.2, 1.3, etc... ) but i am not able to set the severity colors. if i add "${vulnTable} ${cells Critical=8064a2,High=c0504d,Medium=e68e00, Low=33D7FF,Recommended=081417,Informational=657376}"" to the top row of my table it does not interpret it.

${fiBegin} and ${vulnTable} ${cells} are not compatible? Is there a way to define severity color for a specific cell in conjunction with ${fiBegin} / ${fiEnd} ?

Thank you.

summitt commented 8 months ago

yes.. the ${cells} attribute can only be applied to tables. I assume you want to change an H1, H2, H3, etc background color so that it reflects the severity. It currently does not support background colors but I'll file it as a bug and see if I can get a fix out this week. It does however support changing the foreground color.

n13c commented 8 months ago

yes.. the ${cells} attribute can only be applied to tables. I assume you want to change an H1, H2, H3, etc background color so that it reflects the severity. It currently does not support background colors but I'll file it as a bug and see if I can get a fix out this week. It does however support changing the foreground color.

An example of what i meant: image

That is why i was asking if ${vulnTable} ${cells} is compatible with ${fiBegin} / ${fiEnd}, as they don't appear to be working inside a ${fiBegin} / ${fiEnd} block.

summitt commented 8 months ago

I didn't explain well.. but also thanks for the extra context.. You are correct that${cells is not currently compatible in fiBegin/fiEnd blocks. I'm working on a change now and will have that mitigated before the end of the day.

summitt commented 8 months ago

I just pushed a change to fix this issue: https://github.com/factionsecurity/faction/releases/tag/1.1.26.2

Also... vulntable should have been vulnTable. I set it to match what is in the other section and updated the documentation here: https://docs.factionsecurity.com/Custom%20Security%20Report%20Templates/

Here are the results of my very basic test:

Template image

Result image

n13c commented 8 months ago

Tested and it works fine, thanks for the quick fix.