Skip to content

Latest commit

 

History

History
38 lines (31 loc) · 1.29 KB

Blank.md

File metadata and controls

38 lines (31 loc) · 1.29 KB

Title

Issue Description

A generic overview of the issue, I usually use the default text from OWASP as it explains the issue well. Include a more specific description of the issue identified within the application.

Affected URL/Area

  • The affected urls or area of the application where the issue exists.

Risk Rating

  • Risk: Something
  • Difficulty to Exploit: Somethingelse
  • CVSS3 Score blah
  • Authentication?

Impact

  • What kind of attacker?
  • Do they need authentication?
  • Who else does it affect?

Steps to reproduce/PoC

A clear outline of the steps required to execute the payload as an attacker, this can include how to setup the payload and launch it.

  • Request
  • Response
  • Show, Introduce, Discuss
  • Screenshots

Affected Demographic/User Base

  • Explain who this issue affects?
  • Is it everyone or just a select amount of users?
  • How can this occur?

Recommended Fix

  • How do you fix the issue?
  • What is the recommended remediation actions required to successfully fix issue x?

References

Include additional reading for the client to further backup the issues explained or elaborate more on other potential issues chained to the one identified.