Difference between revisions of "Fusion Metadata Registry 10.7.0 OWASP Analysis"
Jump to navigation
Jump to search
(Created page with "=== Overview === The following details the OWASP analysis of Fusion Metadata Registry version '''10.7.0''' === Environment === The OWASP command-line client was run against...") |
(No difference)
|
Latest revision as of 02:38, 24 May 2021
Contents
Overview
The following details the OWASP analysis of Fusion Metadata Registry version 10.7.0
Environment
The OWASP command-line client was run against the Fusion Metadata Registry version 10.7.0
- OWASP Cli version: dependency-check version: 6.1.6
- Java version "1.8.0_172"
- Operating System: Windows 10.0.19042.928
- Date performed: 10th May 2021
Overview of Report
The report revealed 1 vulnerable dependency:
1. bootstrap.bundle.min.js - version 4.0.0 - bundled with the Data Browser
Issue: This is a cross-site scripting issue rated as severity "MEDIUM".
Action: Since the Data Browser is now deprecated and will not ship with Fusion Registry 11, no action will be taken.
Attached Report
A PDF of the OWASP dependency report can be obtained here .
