issues Search Results · repo:bugcrowd/vulnerability-rating-taxonomy language:Python

220 results

Hello, Given the limited ratings we currently have in the AI Application Security category, I’d like to propose a revised set of vulnerability classes that better capture the current threat landscape ...
  • ChaoticCooties
  • Opened 5 days ago
  • #455

I request the addition of the following vulnerability to the Vulnerability Rating Taxonomy (VRT) based on a recent finding. Server-Side Include (SSI) injection (P2 - Server-Side Injection -- Server-Side ...
  • phanii-bc
  • 1
  • Opened on Feb 20
  • #451

I request the addition of new vulnerabilities to the Vulnerability Rating Taxonomy (VRT). Based on recent findings, incorporating these vulnerabilities will enhance its coverage and accuracy. 1. XPath ...
  • prithvi1337
  • 1
  • Opened on Feb 20
  • #450

Hi Team, I wanted to suggest adding Vulnerabilities that are related specifically to GraphQL misconfigurations for example: GraphQL Introspection enabled (Info Leak) GraphQL Batch Queries (DoS/Rate limit ...
  • rootThatBox
  • 1
  • Opened on Feb 16
  • #449

Hi all! One vulnerability submission that we get a lot of and have to deny is a self-only XSS e.g. a user pastes a vulnerable snippet into a comment field, the client-side application renders it as submitted ...
  • nightpool
  • 4
  • Opened on Feb 16
  • #448

Hi team, most of the time, the Impact of HTML injection can be more than informative or a P5 therefore I believe the severity here shall be P4 at the minimum, the impact here can include - The attacker ...
  • rootThatBox
  • 4
  • Opened on Feb 13
  • #447

Many of the VRT templates say e.g. Login to the application when it should say Log in to the application. Login - Noun. Example: Use your login details. Log in - Verb. Example: Use your email address ...
  • phishician
  • Opened on Feb 10
  • #445

This is just a start on updating VRT for hardware submissions. I think updating current automotive ones to more general hardware would help instead of repeating issues. We could also combine a couple of ...
  • TheNerdyFeline
  • 1
  • Opened on Jan 31
  • #444