v1.2
Available on Bugcrowd here: https://bugcrowd.com/vulnerability-rating-taxonomy/1.2
Added
- sensitive_data_exposure.visible_detailed_error_page.descriptive_stack_trace
- sensitive_data_exposure.visible_detailed_error_page.detailed_server_configuration
- unvalidated_redirects_and_forwards.open_redirect.get_based
- sensitive_data_exposure.internal_ip_disclosure
- sensitive_data_exposure.visible_detailed_error_page.full_path_disclosure
- server_security_misconfiguration.cookie_scoped_to_parent_domain
- client_side_injection.binary_planting
- client_side_injection.binary_planting.privilege_escalation
- client_side_injection.binary_planting.no_privilege_escalation
- sensitive_data_exposure.token_leakage_via_referer.trusted_3rd_party
- sensitive_data_exposure.token_leakage_via_referer.untrusted_3rd_party
- server_security_misconfiguration.fingerprinting_banner_disclosure
- server_security_misconfiguration.lack_of_password_confirmation.manage_two_fa
- sensitive_data_exposure.json_hijacking
- cross_site_request_forgery_csrf.action_specific.logout
- broken_authentication_and_session_management.privilege_escalation
- insecure_data_transport.executable_download
- insecure_data_transport.executable_download.no_secure_integrity_check
- insecure_data_transport.executable_download.secure_integrity_check
- server_security_misconfiguration.rfd
- sensitive_data_exposure.xssi
- server_security_misconfiguration.misconfigured_dns.zone_transfer
- insufficient_security_configurability.weak_password_policy.no_password_policy
- insecure_data_storage.server_side_credentials_storage
- insecure_data_storage.server_side_credentials_storage.plaintext
Removed
- unvalidated_redirects_and_forwards.open_redirect.get_based_all_users
- unvalidated_redirects_and_forwards.open_redirect.get_based_authenticated
- unvalidated_redirects_and_forwards.open_redirect.get_based_unauthenticated
- sensitive_data_exposure.token_leakage_via_referer.over_https
- sensitive_data_exposure.mixed_content.sensitive_data_disclosure
- sensitive_data_exposure.mixed_content.requires_being_a_man_in_the_middle
- broken_authentication_and_session_management.session_token_in_url
- broken_authentication_and_session_management.session_token_in_url.over_http
- broken_authentication_and_session_management.session_token_in_url.over_https
- broken_authentication_and_session_management.authentication_bypass.vertical
- broken_authentication_and_session_management.authentication_bypass.horizontal
- insecure_data_storage.credentials_stored_unencrypted
- insecure_data_storage.credentials_stored_unencrypted.on_external_storage
- insecure_data_storage.credentials_stored_unencrypted.on_internal_storage
- insecure_data_storage.insecure_data_storage
- insecure_data_storage.insecure_data_storage.password
- insufficient_security_configurability.weak_password_policy.complexity_both_length_and_char_type_not_enforced
- insufficient_security_configurability.weak_password_policy.complexity_length_not_enforced
- insufficient_security_configurability.weak_password_policy.complexity_char_type_not_enforced
- insufficient_security_configurability.weak_password_policy.allows_reuse_of_old_passwords
- insufficient_security_configurability.weak_password_policy.allows_password_to_be_same_as_email_username
Changed
- sensitive_data_exposure.visible_detailed_error_page name changed from 'Visible Detailed Error Page' to 'Visible Detailed Error/Debug Page'
- server_security_misconfiguration.mail_server_misconfiguration.missing_dmarc name changed from 'Missing DMARC' to 'Missing DKIM/DMARC'
- insecure_data_transport.ssl_certificate_pinning moved (category changed) to mobile_security_misconfiguration.ssl_certificate_pinning
- insecure_data_transport.ssl_certificate_pinning.absent moved (category changed) to mobile_security_misconfiguration.ssl_certificate_pinning.absent
- insecure_data_transport.ssl_certificate_pinning.defeatable moved (category changed) to mobile_security_misconfiguration.ssl_certificate_pinning.defeatable
- sensitive_data_exposure.mixed_content name changed from 'Mixed Content' to 'Mixed Content (HTTPS Sourcing HTTP)'
- sensitive_data_exposure.mixed_content priority changed from null to P5 (the entry now carries its own priority because its child entries were removed)
- broken_authentication_and_session_management.authentication_bypass priority changed from null to P1 (the entry now carries its own priority because its child entries were removed)
- insufficient_security_configurability.weak_password_policy priority changed from null to P5 (the entry now carries its own priority because its child entries were removed)