-
Notifications
You must be signed in to change notification settings - Fork 799
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVSS3 Score of a vulnerability can be empty at creation but display error if empty at edition #5586
Comments
To add more details, I reproduce this bug, but the error message appears and stays something like 1 second. |
@nino-filigran @Jipegien do we want to make the field CVSS3-Score mandatory or not? |
@Archidoit not it's not! |
@nino-filigran By default, at a vulnerability creation, the score value is set to 1. Do we want to keep this? |
what @Jipegien explained to me is that bascially it's better if a vulnerability has a score but it should not be blocking. I assume that is the reason why we put a default scor? |
Go to a vulnerability overview.
Click on the 'edit' button.
Go to the 'details' tab.
Add or change the 'CVSS3 - Severity' field.
An error occurs for the field 'CVSS3 - Score' but you can update the vulnerability and you can create a vulnerability with this field empty.
The text was updated successfully, but these errors were encountered: