Fusion Metadata Registry 10.7.0 OWASP Analysis

From Fusion Registry Wiki

Jump to navigation Jump to search

Contents

1 Overview
2 Environment
3 Overview of Report
- 3.1 1. bootstrap.bundle.min.js - version 4.0.0 - bundled with the Data Browser
4 Attached Report

Overview

The following details the OWASP analysis of Fusion Metadata Registry version 10.7.0

Environment

The OWASP command-line client was run against the Fusion Metadata Registry version 10.7.0

OWASP Cli version: dependency-check version: 6.1.6
Java version "1.8.0_172"
Operating System: Windows 10.0.19042.928
Date performed: 10th May 2021

Overview of Report

The report revealed 1 vulnerable dependency:

1. bootstrap.bundle.min.js - version 4.0.0 - bundled with the Data Browser

Issue: This is a cross-site scripting issue rated as severity "MEDIUM".

Action: Since the Data Browser is now deprecated and will not ship with Fusion Registry 11, no action will be taken.

Attached Report

A PDF of the OWASP dependency report can be obtained here .

Retrieved from "https://wiki.sdmxcloud.org/index.php?title=Fusion_Metadata_Registry_10.7.0_OWASP_Analysis&oldid=3684"