In many cases, evidence, attack and params are present and they should be visible as well.
Example:
{u'alert': u'Cross Site Scripting (Reflected)',
u'attack': u'</b><script>alert(1);</script><b>',
u'cweid': u'79',
u'description': u"Cross-site Scripting (XSS) is an ..... containing the code.",
u'evidence': u'</b><script>alert(1);</script><b>',
u'id': u'6',
u'messageId': u'1318',
u'other': u'',
u'param': u'aspxerrorpath',
u'reference': u'http://projects.webappsec.org/Cross-Site-Scripting\nhttp://cwe.mitre.org/data/definitions/79.html',
u'reliability': u'Warning',
u'risk': u'High',
u'solution': u'Phase: Architecture and Design
While we group issue with the same title (e.g. SQL Injection) into a single issue, attack infos are different. The eaisest way is to associate them with the url.
In many cases, evidence, attack and params are present and they should be visible as well.
Example:
While we group issue with the same title (e.g. SQL Injection) into a single issue, attack infos are different. The eaisest way is to associate them with the url.