Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Update per TFDEV- 433

/rest/{version}/vulnerabilities

Descriptor

Value

HTTP Method

POST

Description

Returns a filtered list of vulnerabilities.

Required Permission

Read Access (Any Role)

Version Introduced

2.3.0

Changes in 2.4.0                

Adds new fields to dependency Check Vulnerabilities

Changes in 2.5.1

Adds "displayName" field to "genericSeverity" in response.  This field is present when using any previous REST version as well.

Adds "findingRecommendation" and "findingDescription" fields in response.  These are only present when using version 2.5.1 or later.

Changes in 2.5.2

Adds "vulnerabilityComments.comment" and "vulnerabilityComments.tags" fields in response. These fields are present when using any previous REST version as well.

Adds "vulnerabilityComments.user" field in response. This field is only present when using version 2.5.2 or later.

Adds ability to get vulnerability information by entering a serialized list of vulnerability IDs.

Changes in 2.7

Adds ability to get vulnerability information by entering a serialized list of CVE IDs.

Adds 8 new parameters to help query by vulnerability status: showNotFalsePositive, showNotHidden, showExploitable, showNotExploitable, showContested, showNotContested, showVerified, and showNotVerified.  These parameters only work if using the 2.7 REST version or later. 

Starting with REST version 2.7 the status query logic is altered; ThreadFix only filters vulnerabilities based on the parameters the user provides.  To see open vulnerabilities without False Positives and Hidden vulns returned, the user will need to specify "showOpen=true", "showNotFalsePositive=true", and "showNotHidden=true"

Changes in 2.7.1

Added support for CSVv1, CSVv2 and SSVL exports.

Also added 7 new parameters to allow users to filter report data in the same way they would in the ThreadFix UI for CSV and SSVL exports.

Changes in 2.8

Updated CSV export parameter arguments. CSVv1 support has been deprecated.

Also added 3 new parameters to allow for filtering on static, dynamic and dependency findings.

Changes in 2.8.2

Added remoteProviderEntityID and remoteProviderEntityName fields in response. These fields are present when using any previous REST version as well.

Changes in 2.8.3

Added urlReference field in response. This field was already displayed on UI vulnerability details page

Changes in 2.8.4

Added remoteProviderAppNativeName. This field corresponds with the "Origin Remote Provider Application" in the Finding Details page.

Request Header Parameters

Parameter

Value

Required

Description

Accept

String

Yes

A value of ‘application/json’ must be provided.

Request POST Data Parameters

Parameter

Value Type

Req.

Description

genericVulnerabilities

List

no

Serialized list of generic vulnerability (CWE) IDs. 

Example: genericVulnerabilities[0].id=201

teams

List

no

Serialized list of team IDs.

Example: teams[0].id=1

applications

List

no

Serialized list of application IDs. 

Example: applications[0].id=2

channelTypes

List

no

Serialized list of scanner IDs. 

Example: channelTypes[0].id=<channelTypeId> (e.g., channelTypes[0].id=49)

Note: To find a scanner’s channelTypeId, run the following query:

SELECT id, name FROM ChannelType WHERE name='<scanner name>'; (e.g., SELECT id, name FROM ChannelType WHERE name='Fortify SSC'; )

genericSeverities

List

no

Serialized list of generic severity values.  

Severity Values:

  • UNASSIGNED = 0

  • INFO = 1

  • LOW = 2

  • MEDIUM = 3

  • HIGH = 4

  • CRITICAL = 5

Example: genericSeverities[0].intValue=4&genericSeverities[1].intValue=5

Retrieves Critical and High vulnerabilities.  The 0 and 1 indicate position within array since more than one vuln severity type is being requested.  If only requesting one severity, it would be 0.

numberVulnerabilities

Integer

no

Number of vulnerabilities to return.  By default this method will only return up to 10 vulnerabilities.

page

Integer

no

Can be used to return a different page of vulnerabilities, with each page of vulnerabilities containing {numberVulnerabilities} vulnerabilities.

parameter

String

no

Filter to only return vulnerabilities containing this string in their parameter.

path

String

no

Filter to only return vulnerabilities containing this String in their path.

startDate

Date

no

Lower bound on scan dates. Format: yyyy-MM-dd or Epoch time (in milliseconds).

endDate

Date

no

Upper bound on scan dates. Format: yyyy-MM-dd or Epoch time (in milliseconds).

showOpen

Boolean

no

Flag to show only open vulnerabilities.

showClosed

Boolean

no

Flag to show only closed vulnerabilities.

showFalsePositive

Boolean

no

Flag to show only false positive vulnerabilities.

showNotFalsePositive

Boolean

no

Only available using REST version 2.7 or later.

Flag to show only vulnerabilities that are not false positive.

showHidden

Boolean

no

Flag to show hidden vulnerabilities.

showNotHidden

Boolean

no

Only available using REST version 2.7 or later.

Flag to show only vulnerabilities that are not hidden.

showExploitable

Boolean

no

Only available using REST version 2.7 or later.

Flag to show only vulnerabilities that are exploitable.

showNotExploitable

Boolean

no

Only available using REST version 2.7 or later.

Flag to show only vulnerabilities that are not exploitable.

showContested

Boolean

no

Only available using REST version 2.7 or later.

Flag to show only vulnerabilities that are contested.

showNotContested

Boolean

no

Only available using REST version 2.7 or later.

Flag to show only vulnerabilities that are not contested.

showVerified

Boolean

no

Only available using REST version 2.7 or later.

Flag to show only vulnerabilities that are verified.

showNotVerified

Boolean

no

Only available using REST version 2.7 or later.

Flag to show only vulnerabilities that are not verified.

numberMerged

Integer

no

Number of vulnerabilities merged from different scans.

showDefectPresent

Boolean

no

Flag to show vulnerabilities with defects.

showDefectNotPresent

Boolean

no

Flag to show vulnerabilities without defects.

showDefectOpen

Boolean

no

Flag to show vulnerabilities with open defects.

showDefectClosed

Boolean

no

Flag to show vulnerabilities with closed defects.

showInconsistentClosedDefectNeedsScan

Boolean

no

Flag to show vulnerabilities that have closed defects but have not yet been closed by a scan.

showInconsistentClosedDefectOpenInScan

Boolean

no

Flag to show vulnerabilities that have closed defects but were found open in a scan since the defect was closed.

showInconsistentOpenDefect

Boolean

no

Flag to show vulnerabilities that have open defects but have been closed by scans.

includeCustomText

Boolean

no

Set to true to include Custom CWE Text in the response for each vulnerability.

showCommentPresent

Boolean

no

Flag to show vulnerabilities with comments.

commentTags

List

no

Serialized list of comment tags. Example: commentTags[0].id=1

daysOldModifier

String

no

Should only be value of "less" or "more". Used in conjunction with daysOld parameter.

daysOld

Integer

no

Number of days in age of the vulnerability. Valid values are "10", "30", etc. 

daysOldCommentsModifier

String

no

Should only be value of "less" or "more". Used in conjunction with daysOldComments parameter.

daysOldComments

Integer

no

Number of days in age of the comment. Valid values are "10", "30", etc.

hoursOldCommentsModifier

String

no

Should only be value of "less" or "more". Used in conjunction with hoursOldComments parameter.

hoursOldComments

Integer

no

Number of hours since comment was added to vulnerability. Valid values are "1", "10", etc.

commentedByUser

Integer

no

Filter vulnerabilities by ID of user that added comments to it.

vulnerabilities

List

no

Serialized list of vulnerability IDs. Example: vulnerabilities[0].id=1

cvesList

List

no

Serialized list of CVE IDs. Example: cvesList[0].CVE=CVE-2016-6316

exportType

String

no

Type of export being performed. Valid values are "csv" and "ssvl". Not case sensitive.

tags

List

no

Filters to show vulnerabilities from Applications that are tagged with these application tags. To pass in multiple tags, pass in multiple times and increment in the index in the array, like how the teams and applications parameters work. Example: tags[1].id=1,tags[0].id=3

vulnTags

List

no

Filters to show vulnerabilities tagged with these vulnerability tags. Pass in multiple tags in the same way. Example: vulnTags[0].id=5

defectId

String

no

Filters to show vulnerabilities with this defect attached. Example: defectId=THREAD-17420

nativeId

String

no

Filters to show vulnerabilities with findings that have this native ID. Example: nativeId=a0f486f7f658d7c6ecf364c7354a06be

assignToUser

String

no

Filters to show vulnerabilities that have a finding with this value in their assignToUser column (from Checkmarx, for example). Does not need to be an exact string, it will return all findings that contain this string in their assignToUser column. Example: assignToUser=admin

showSharedVulnFound

Boolean

no

Filters to show only vulnerabilities that have been identified as Shared Vulnerabilities. Example: showSharedVulnFound=true

showSharedVulnNotFound

Boolean

no

Filters to show only vulnerabilities that have not been identified as Shared Vulnerabilities. Example: showSharedVulnNotFound=true

showDynamic

Boolean

no

Filters to show only vulnerabilities with dynamic findings. Example: showdynamic=true

showStatic

Boolean

no

Filters to show only vulnerabilities with static findings. Example: showStatic=true

showDependency

Boolean

no

Filters to show only vulnerabilities with dependency findings. Example: showDependency=true

showMobile

Boolean

no

Filters to show only vulnerabilities with mobile findings. Example: showMobile=true

remoteProviderAppNativeName

String

no

Displays the Remote Provider Application name within the Finding Details page.*

*Introduced in ThreadFix version 2.8.4

Sample Calls:

  • Requesting all vulnerabilities that are Open but not False Positive or Hidden (the default filter settings in the UI), with up to 200 returned:

Code Block
curl --insecure -H 'Accept: application/json' -H 'Authorization: APIKey {apiKey}' -X POST --data 'showOpen=true&showNotFalsePositive=true&showNotHidden=false&numberVulnerabilities=200' http://localhost:8080/threadfix/rest/latest/vulnerabilities
  • Requesting all critical, high, and medium vulnerabilities with up to 200 returned:

Code Block
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'genericSeverities[0].intValue=3&genericSeverities[1].intValue=4&genericSeverities[2].intValue=5&numberVulnerabilities=200' http://localhost:8080/threadfix/rest/latest/vulnerabilities
  • Requesting up to 100 vulnerabilities for Application ID 2, with Custom CWE Text returned as well:

Code Block
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'applications[0].id=2&includeCustomText=true&numberVulnerabilities=100' http://localhost:8080/threadfix/rest/latest/vulnerabilities

Requesting up to 500 vulnerabilities for all the applications inside Team ID 2, with Custom CWE Text returned as well:

Code Block
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'teams[0].id=2&includeCustomText=true&numberVulnerabilities=500' http://localhost:8080/threadfix/rest/latest/vulnerabilities
  • Requesting vulnerabilities which have had comments added less than 10 days ago:

Code Block
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {API Key}" -X POST --data 'daysOldCommentsModifier=less&daysOldComments=10'  http://localhost:8080/threadfix/rest/latest/vulnerabilities 

-Requesting vulnerabilities which have comments added more than 5 hours ago:

Code Block
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {API Key}" -X POST --data 'hoursOldCommentsModifier=more&hoursOldComments=5'  http://localhost:8080/threadfix/rest/latest/vulnerabilities

-Requesting vulnerabilities by ID:

Code Block
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {API Key}" -X POST --data 'vulnerabilities[0].id=1'  http://localhost:8080/threadfix/rest/latest/vulnerabilities 

-Requesting vulnerabilities by user who added comments to it:

Code Block
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {API Key}" -X POST --data 'commentedByUser=12'  http://localhost:8080/threadfix/rest/latest/vulnerabilities 

-Requesting vulnerabilities by CVE, with up to 200 vulnerabilities returned:

Code Block
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'cvesList[0].CVE=CVE-2013-6416&cvesList[1].CVE=CVE-2016-6316&numberVulnerabilities=200' http://localhost:8080/threadfix/rest/latest/vulnerabilities

Sample Output:

Values for originalOpenTime and openTime are returned as Epoch time in milliseconds.

Code Block
{
       "message": "",
       "success": true,
       "responseCode": -1,
       "object": [
       
        {
           
            "id": 114,
           
            "defect": null,
           
            "genericVulnerability": {
                
                "id": 79,
               
                "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                  "displayId": 79             },             "genericSeverity": {
                "id": 4,
                "name": "Critical",         "displayId": 79
            },
    "displayName": "Critical",                 "intValue": 5             },             "calculatedFilePathgenericSeverity": "",{
             "active": true,             "isFalsePositive": false,             "hidden": false, 			"originalOpenTime": 1307976287000,             "openTime": 1307976287000,             "closeTimeid": null4,
            "findings": [                 {                     "id": 114,
                    "longDescription": null,
                    "attackString         "name": "parameter:Critical",
cookie command=1234 -> command=1234*/--></script><script>alert(26682)</script>",                     "attackRequest": "POST /demo/EvalInjection2.php H…  //TRIMMED FOR BREVITY,                     "attackResponse": null,                     "nativeIddisplayName": "eb6aa5598d20a3468754f36b9d2755d6Critical",
                    "displayId": null,
                    "surfaceLocation": {
                        "id": 114,
                        "parameter": "command",
                        "path": "/demo/EvalInjection2.php"
                    },
                    "sourceFileLocation": null,
                    "dataFlowElements": [],
                    "calculatedUrlPath": "/demo/EvalInjection2.php",
                    "calculatedFilePath": "",
                    "dependency": null,
                "intValue": 5
            },
            "calculatedFilePath": "",
            "findingDescriptionactive": {true,
            "isFalsePositive": false,
            "idhidden": 1,
false,
			"originalOpenTime": 1307976287000,
            "openTime": 1307976287000,
            "descriptioncloseTime": null,
"The test successfully... //TRIMMED FOR BREVITY,       "findings": [
            },    {
                "findingRecommendation": {   "id": 114,
                    "idactive": 1true,
                        "recommendationlongDescription": "<fixRecommendations>\n... //TRIMMED FOR BREVITYnull,
                    },
                    "vulnerabilityTypeattackString": "Cross-Site Scripting",
                    "severity": "High",
                    "scannerName": "Security AppScan Standard"
                }
            ],
            "documents": [],
            "grcControl": null,
			"tags": [],
     parameter: cookie command=1234 -> command=1234*/--></script><script>alert(26682)</script>",
                    "attackRequest": "POST /demo/EvalInjection2.php H…  //TRIMMED FOR BREVITY,
      "path": null,             "parameterattackResponse": "new parameters",null,
              "vulnerabilityComments": [],     "nativeId": "eb6aa5598d20a3468754f36b9d2755d6",
      "staticFindings": [],             "vulnIddisplayId": "548"null,
            "genericSeverity        "surfaceLocation": {
                        "id": 5114,
                "name        "parameter": "Criticalcommand",
                "intValue": 5,        "path": "/demo/EvalInjection2.php"
          "displayName": "Critical"         },
   },                 "policyStatusessourceFileLocation": null,
                    "descriptiondataFlowElements": null[],
                    "releaseFrequencycalculatedUrlPath": "UNKNOWN/demo/EvalInjection2.php",
                    "testEnvironmentcalculatedFilePath": null"",
                    "grcApplicationdependency": null,
                "isInternal": false   "findingDescription": {
             },              "parameter": "command",             "dynamicFindings": [                 {                     "id": 114,
                    "longDescription": null,
                    "attackString": "parameter: cookie command=1234 -> command=1234*/--></script><script>alert(26682)</script>",
                    "attackRequest": "POST /demo/EvalInjection2… 1,
                        "description": "The test successfully... //TRIMMED FOR BREVITY,
                    "attackResponse": null,
                    "nativeId": "eb6aa5598d20a3468754f36b9d2755d6",
                    "displayId": null,
                    "surfaceLocation": {
                        "id": 114,
                        "parameter": "command",
                        "path": "/demo/EvalInjection2.php"
                    },
                    "sourceFileLocation": null,
                    "dataFlowElements": [],
                    "calculatedUrlPath": "/demo/EvalInjection2.php",
                    "calculatedFilePath": "",
                    "dependency": null,                   },
                    "findingRecommendation": {
                     "findingDescription": {
                        "id": 1,
                        "descriptionrecommendation": "The test successfully<fixRecommendations>\n... //TRIMMED FOR BREVITY,
                    },
                    "findingRecommendationvulnerabilityType": {
"Cross-Site Scripting",
                       "idseverity": 1,
   "High",
                    "recommendationscannerName": "Security                    AppScan "vulnerabilityType": "Cross-Site Scripting",
                    "severity": "High",
                    "scannerName": "Security AppScan Standard"
                }
            ],
            "dependency": null,
            "channelNames": [
                "Security AppScan Standard"
            ],
            "app": {
                "id": 1,
                "name": "App",
                "url": null,
                "applicationCriticality": {
                    "id": 2,
                    "name": "Medium"
                },
                "grcApplication": null
            },
            "team": {
                "id": 1,
                "name": "Team"
            },
            "documents": []Standard"
                }
            ],
            "documents": [],
            "grcControl": null,
			"tags": [],
            "path": null,
            "parameter": "new parameters",
            "grcControlvulnerabilityComments": null[],
            "tagsstaticFindings": [],
            "pathvulnId": "/548",
            "parametergenericSeverity": null, {
                "vulnerabilityCommentsid": [],5,
                "staticFindingsname": []"Critical",
                "dependencyintValue": null5,
                "vulnIddisplayName": "293Critical",
            "genericSeverity": {},
                 "idpolicyStatuses": 2null,
                "namedescription": "Low"null,
                "intValuereleaseFrequency": 2"UNKNOWN",
                "displayNametestEnvironment": "Low"
        }
    ]
}
genericVulnerability field with includeCustomText set to true:
Code Block
{
    "message": "",
    "success": true,
    "responseCode": -1,
    "object": [
        {
            "id": 114,
            "defect": null,
            "genericVulnerability": {
                "id": 79,
                "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                "customText": "Custom CWE Text here.",
                "displayId": 79
            },
            …
        }
    ]
}
dependency fields for DependencyCheck vulnerability:
Code Block
{
    "message": "",
    "success": true,
    "responseCode": -1,
    "object": [
        {
            …
            "findings": [
                {
…
                    "dependency": {
                        "id": 1,
                        "componentName": "spring-core-3.0.0.RELEASE.jar",
                        "componentFilePath": ".\\src\\test\\resources\\spring-core-3.0.0.RELEASE.jar",
                        "refLink": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2894",
                        "description": "Spring Framework 3.0.0 through 3.0.5, Spring … //TRIMMED FOR BREVITY,
                        "source": null,
                        "refId": "CVE-2011-2894"
                    },
…
                }
            ],
…
            "dependency": {
                "id": 1,
               null,
                "grcApplication": null,
                "isInternal": false
            },
            "parameter": "command",
            "dynamicFindings": [
                {
                    "id": 114,
                    "active": true,
                    "longDescription": null,
                    "attackString": "parameter: cookie command=1234 -> command=1234*/--></script><script>alert(26682)</script>",
                    "attackRequest": "POST /demo/EvalInjection2…  //TRIMMED FOR BREVITY,
                    "attackResponse": null,
                    "nativeId": "eb6aa5598d20a3468754f36b9d2755d6",
                    "displayId": null,
                    "surfaceLocation": {
                        "id": 114,
                        "parameter": "command",
                        "path": "/demo/EvalInjection2.php"
                    },
                    "sourceFileLocation": null,
                    "dataFlowElements": [],
                    "calculatedUrlPath": "/demo/EvalInjection2.php",
                    "calculatedFilePath": "",
                    "dependency": null,
                    "findingDescription": {
                        "id": 1,
                        "description": "The test successfully... //TRIMMED FOR BREVITY,
                    },
                    "findingRecommendation": {
                        "id": 1,
                        "recommendation": "
                    "vulnerabilityType": "Cross-Site Scripting",
                    "severity": "High",
                    "scannerName": "Security AppScan Standard"
                }
            ],
            "dependency": null,
            "channelNames": [
                "Security AppScan Standard"
            ],
            "app": {
                "id": 1,
                "name": "App",
                "url": null,
                "applicationCriticality": {
                    "id": 2,
                    "name": "Medium"
                },
                "grcApplication": null
            },
            "team": {
                "id": 1,
                "name": "Team"
            },
            "documents": [],
            "grcControl": null,
            "tags": [],
            "path": "/",
            "parameter": null,
            "vulnerabilityComments": [],
            "staticFindings": [],
            "dependency": null,
            "vulnId": "293",
            "genericSeverity": {
                "id": 2,
                "name": "Low",
                "intValue": 2,
                "displayName": "Low"
        }
    ]
}


genericVulnerability field with includeCustomText set to true:

Code Block
{
    "message": "",
    "success": true,
    "responseCode": -1,
    "object": [
        {
            "id": 114,
            "defect": null,
            "genericVulnerability": {
                "id": 79,
                "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                "customText": "Custom CWE Text here.",
                "displayId": 79
            },
            …
        }
    ]
}


dependency fields for DependencyCheck vulnerability:

Code Block
{
    "message": "",
    "success": true,
    "responseCode": -1,
    "object": [
        {
            …
            "findings": [
                {
…
                    "dependency": {
                        "id": 1,
                        "active": true,
                        "componentName": "spring-core-3.0.0.RELEASE.jar",
                        "componentFilePath": ".\\src\\test\\resources\\spring-core-3.0.0.RELEASE.jar",
                        "refLink": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2894",
                        "description": "Spring Framework 3.0.0 through 3.0.5, Spring … //TRIMMED FOR BREVITY,
                        "source": null,
                        "refId": "CVE-2011-2894"
                    },
…
                }
            ],
…
            "dependency": {
                "id": 1,
                "active": true,
                "componentName": "spring-core-3.0.0.RELEASE.jar",
               
                "componentFilePath": ".\\src\\test\\resources\\spring-core-3.0.0.RELEASE.jar",
               
                "refLink": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2894",
                               "description": "Spring Framework 3.0.0 through 3.0… //TRIMMED FOR BREVITY,
                3.0… //TRIMMED FOR BREVITY,
                "source": null,
                               "refId": "CVE-2011-2894"
                       },
…
       
        }
       ]
}

Return response for remoteProviderAppNativeName:

Code Block
{
    "message": "",
    "success": true,
    "responseCode": -1,
    "object": [
        {
            "id": 14,
            "defect": null,
            "genericVulnerability": {
                "id": 80,
                "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
                "displayId": 79
            },
            "calculatedFilePath": "/advanced.jsp",
            "active": true,
            "isFalsePositive": true,
            "isContested": false,
            "isVerified": false,
            "isExploitable": false,
            "hidden": false,
            "originalOpenTime": 1616117619000,
            "openTime": 1616117619000,
            "closeTime": null,
            "findings": [
                {
                    "id": 14,
                    "active": true,
                    "vulnerability": {
                        "id": 14
                    },
                    "longDescription": null,
                    "attackString": null,
                    "attackRequest": null,
                    "attackResponse": null,
                    "urlReference": "https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1003279&projectid=132&pathid=1",
                    "nativeId": "a311bbc6b7ad1432e8915230129dac3b",
                    "displayId": null,
                    "surfaceLocation": {
                        "id": 14,
                        "parameter": null,
                        "path": "root/advanced.jsp"
                    },
                    "sourceFileLocation": "root/advanced.jsp",
                    "dataFlowElements": [
                        {
                            "id": 94,
                            "sourceFileName": "root/advanced.jsp",
                            "lineNumber": 48,
                            "columnNumber": 45,
                            "lineText": "    <a href=\"javascript:window.location=window.location.href\">New Search</a>"
                        },
                        {
                            "id": 95,
                            "sourceFileName": "root/advanced.jsp",
                            "lineNumber": 48,
                            "columnNumber": 20,
                            "lineText": "    <a href=\"javascript:window.location=window.location.href\">New Search</a>"
                        }
                    ],
                    "findingCves": [],
                    "calculatedUrlPath": "",
                    "calculatedFilePath": "/advanced.jsp",
                    "dependency": null,
                    "findingDescription": null,
                    "findingRecommendation": null,
                    "scanName": null,
                    "scannerName": "Checkmarx",
                    "vulnerabilityType": "Client_DOM_XSS",
                    "severity": "High",
                    "remoteProviderEntityName": "CX",
                    "remoteProviderEntityId": 1,
                    "scannerRecommendation": null,
                    "remoteProviderAppNativeName": "Bodgeit (/CxServer/SP/Partners/Denim Group)"
                }
            ],
            "documents": [],
            "grcControl": null,
            "tags": [],
            "genericSeverity": {
                "id": 1,
                "name": "High",
                "intValue": 4,
                "displayName": "High"
            },
            "app": {
                "id": 1,
                "name": "1",
                "url": null,
                "applicationCriticality": {
                    "id": 2,
                    "name": "Medium"
                },
                "policyStatuses": null,
                "description": null,
                "releaseFrequency": "UNKNOWN",
                "testEnvironment": null,
                "grcApplication": null,
                "isInternal": false
            },
            "team": {
                "id": 1,
                "name": "1"
            },
            "vulnId": "14",
            "parameter": null,
            "staticFindings": [
                {
                    "id": 14,
                    "active": true,
                    "vulnerability": {
                        "id": 14
                    },
                    "longDescription": null,
                    "attackString": null,
                    "attackRequest": null,
                    "attackResponse": null,
                    "urlReference": "https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1003279&projectid=132&pathid=1",
                    "nativeId": "a311bbc6b7ad1432e8915230129dac3b",
                    "displayId": null,
                    "surfaceLocation": {
                        "id": 14,
                        "parameter": null,
                        "path": "root/advanced.jsp"
                    },
                    "sourceFileLocation": "root/advanced.jsp",
                    "dataFlowElements": [
                        {
                            "id": 94,
                            "sourceFileName": "root/advanced.jsp",
                            "lineNumber": 48,
                            "columnNumber": 45,
                            "lineText": "    <a href=\"javascript:window.location=window.location.href\">New Search</a>"
                        },
                        {
                            "id": 95,
                            "sourceFileName": "root/advanced.jsp",
                            "lineNumber": 48,
                            "columnNumber": 20,
                            "lineText": "    <a href=\"javascript:window.location=window.location.href\">New Search</a>"
                        }
                    ],
                    "findingCves": [],
                    "calculatedUrlPath": "",
                    "calculatedFilePath": "/advanced.jsp",
                    "dependency": null,
                    "findingDescription": null,
                    "findingRecommendation": null,
                    "scanName": null,
                    "scannerName": "Checkmarx",
                    "vulnerabilityType": "Client_DOM_XSS",
                    "severity": "High",
                    "remoteProviderEntityName": "CX",
                    "remoteProviderEntityId": 1,
                    "scannerRecommendation": null,
                    "remoteProviderAppNativeName": "Bodgeit (/CxServer/SP/Partners/Denim Group)"
                }
            ],
            "vulnerabilityComments": [],
            "dependency": null,
            "channelNames": [
                "Checkmarx"
            ],
            "dynamicFindings": [],
            "path": "root/advanced.jsp"
        }
    ]
}

Page Tree
rootVulnerabilities 3.0 API