fortify / FortifyVulnerabilityExporter

Export Fortify vulnerability data to GitHub, GitLab, SonarQube and more

How to filter for all 10 'OWASP Top 10 2017' in SSC #58

Closed POPINACAP closed 11 months ago

POPINACAP commented 1 year ago

I am working on a custom config where low-priority vulnerabilities will only be exported if they are in the OWASP Top 10. So far I have found a way to filter for one entry of the Top 10 at a time using the following filterParam:

filterParam: EXTERNALLIST[3C6ECB67-BBD9-4259-A8DB-B49328927248]:11130

This returns all vulnerabilities that are A1 Injection, or in other words the first entry in the OWASP Top 10. Then referencing 11131 would give you A2, and so on.

It seems like filtering for all 10 in the Top 10 should be possible; it's just that my knowledge of SpEL isn't there, so most of the different configurations of that parameter I've tried haven't been successful. So if you could point me in the right direction, I'd appreciate it.

rsenden commented 1 year ago

The value passed to the filterParam property is passed to SSC in the filter request parameter to perform server-side filtering. SpEL is only used for client-side processing, so isn't relevant here.

The filterParam property is equivalent to the Filter by box in the SSC user interface. Recent versions of SSC (at least 22.1 and 22.2) allow for filtering by multiple values, and you can use the browser Developer Tools to view the values passed in request parameters:

[screenshot: SSC "Filter by" request parameters as shown in the browser Developer Tools]

As such, although I haven't tested myself, I think you can just pass a comma-separated list in the filterParam property to select multiple categories, i.e.:

filterParam: EXTERNALLIST[3C6ECB67-BBD9-4259-A8DB-B49328927248]:11130,EXTERNALLIST[3C6ECB67-BBD9-4259-A8DB-B49328927248]:11131,EXTERNALLIST[3C6ECB67-BBD9-4259-A8DB-B49328927248]:11132,...
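As an added example (not code from this thread or from the FortifyVulnerabilityExporter project), a small Python helper that composes the comma-separated filterParam value for all ten categories and checks its syntax before the value goes into a config. The GUID and the ids 11130 (A1) and 11131 (A2) are the ones quoted above; ids 11132 to 11139 for A3 to A10 are an assumption that the ids continue in sequence and must be verified against the real SSC instance. The `filter` query-parameter name is the one rsenden mentions; rendering it as a GET query string is only for comparison with what Developer Tools shows.

```python
import re
from typing import Iterable, List, Tuple
from urllib.parse import urlencode

# Constructed example values. The GUID and ids 11130/11131 come from the
# issue above; 11132..11139 are ASSUMED to follow in sequence for A3..A10.
# Verify the real ids in SSC (Developer Tools, "Filter by" box) before use.
OWASP_TOP10_2017_GUID = "3C6ECB67-BBD9-4259-A8DB-B49328927248"
OWASP_TOP10_2017_IDS = {f"A{i + 1}": 11130 + i for i in range(10)}

# One term of an SSC external-list filter, in the shape shown in the issue:
#   EXTERNALLIST[<guid>]:<category id>
TERM_RE = re.compile(r"^EXTERNALLIST\[([0-9A-Fa-f-]{36})\]:(\d+)$")


def external_list_term(guid: str, category_id: int) -> str:
    """Build a single EXTERNALLIST[...]:<id> filter term."""
    return f"EXTERNALLIST[{guid}]:{category_id}"


def build_filter_param(guid: str, category_ids: Iterable[int]) -> str:
    """Comma-join one term per category, which (as confirmed in the thread)
    makes SSC return issues matching any of the listed categories."""
    return ",".join(external_list_term(guid, cid) for cid in category_ids)


def parse_filter_param(value: str) -> List[Tuple[str, int]]:
    """Split a filterParam value back into (guid, id) pairs.

    Rejects malformed terms: a typo in a hand-edited config value would
    otherwise be sent to SSC as-is and simply match nothing.
    """
    pairs = []
    for term in value.split(","):
        m = TERM_RE.match(term.strip())
        if not m:
            raise ValueError(f"malformed filter term: {term!r}")
        pairs.append((m.group(1).upper(), int(m.group(2))))
    return pairs


def is_valid_filter_param(value: str) -> bool:
    """True if every comma-separated term parses; False otherwise."""
    try:
        return len(parse_filter_param(value)) > 0
    except ValueError:
        return False


def covers_categories(value: str, category_ids: Iterable[int]) -> bool:
    """Check that the filter references every expected category id."""
    present = {cid for _, cid in parse_filter_param(value)}
    return set(category_ids) <= present


def ssc_query_string(filter_value: str) -> str:
    """Percent-encode the value as a 'filter=...' GET query parameter
    (assumed transport, for comparing against Developer Tools output)."""
    return urlencode({"filter": filter_value})


if __name__ == "__main__":
    value = build_filter_param(OWASP_TOP10_2017_GUID, OWASP_TOP10_2017_IDS.values())
    print("filterParam:", value)
    print("valid:", is_valid_filter_param(value))
    print("covers all ten:", covers_categories(value, OWASP_TOP10_2017_IDS.values()))
    print("query string:", ssc_query_string(value))
```

Run it once against the ids you confirmed in SSC, paste the printed filterParam line into the config, and keep the validity and coverage checks in whatever script generates that config so a later edit cannot silently drop a category.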

POPINACAP commented 1 year ago

Oh, okay, I must have misread that. That makes sense.

Good to know about the developer tools.

Yeah, I just tested it, and passing in a comma-separated list works. Thanks for the quick and detailed response.

rsenden commented 11 months ago

Closing this issue as it has been solved.