nuclei-templates icon indicating copy to clipboard operation
nuclei-templates copied to clipboard

Published 20 hours ago verified publisher icon projectdiscovery

Update Severity of Stored XSS

Open akincibor opened this issue 2 years ago • 3 comments

Template / PR Information

  • Fixed CVE-2020-XXX / Added CVE-2020-XXX / Updated CVE-2020-XXX
  • References:

Template Validation

I've validated this template locally?

  • [ ] YES
  • [ ] NO

Additional Details (leave it blank if not applicable)

Additional References:

akincibor avatar Aug 13 '22 10:08 akincibor

Hello @akincibor, Thanks for contributing to the project, but the severity added in the templates is according to the CVE's severity score. Make sure you update the templates according to the CVE severity score only.

ritikchaddha avatar Aug 13 '22 11:08 ritikchaddha

So the extracted CVSS score are wrong.

akincibor avatar Aug 13 '22 16:08 akincibor

Hello @akincibor, please provide the reference for the same in order to update the severity of those templates.

ritikchaddha avatar Aug 13 '22 16:08 ritikchaddha

Hi @akincibor The Severity for the CVE findings are set according to the CVSS Severity system

for example the CVE-2017-18598 the NVD Vector is

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

image

Feel Free to reach out to us in Discord Server, regarding the severity

Closing this PR

Thank you

DhiyaneshGeek avatar Feb 10 '23 12:02 DhiyaneshGeek