Class Finding
A Finding resource represents a vulnerability instance identified during a ScanRun.
Implements
Inherited Members
Namespace: Google.Apis.WebSecurityScanner.v1.Data
Assembly: Google.Apis.WebSecurityScanner.v1.dll
Syntax
public class Finding : IDirectResponseSchemaProperties
Body
Output only. The body of the request that triggered the vulnerability.
Declaration
[JsonProperty("body")]
public virtual string Body { get; set; }Property Value
| Type | Description |
|---|---|
| string |
Description
Output only. The description of the vulnerability.
Declaration
[JsonProperty("description")]
public virtual string Description { get; set; }Property Value
| Type | Description |
|---|---|
| string |
ETag
The ETag of the item.
Declaration
public virtual string ETag { get; set; }Property Value
| Type | Description |
|---|---|
| string |
FinalUrl
Output only. The URL where the browser lands when the vulnerability is detected.
Declaration
[JsonProperty("finalUrl")]
public virtual string FinalUrl { get; set; }Property Value
| Type | Description |
|---|---|
| string |
FindingType
Output only. The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings
Declaration
[JsonProperty("findingType")]
public virtual string FindingType { get; set; }Property Value
| Type | Description |
|---|---|
| string |
Form
Output only. An addon containing information reported for a vulnerability with an HTML form, if any.
Declaration
[JsonProperty("form")]
public virtual Form Form { get; set; }Property Value
| Type | Description |
|---|---|
| Form |
FrameUrl
Output only. If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.
Declaration
[JsonProperty("frameUrl")]
public virtual string FrameUrl { get; set; }Property Value
| Type | Description |
|---|---|
| string |
FuzzedUrl
Output only. The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.
Declaration
[JsonProperty("fuzzedUrl")]
public virtual string FuzzedUrl { get; set; }Property Value
| Type | Description |
|---|---|
| string |
HttpMethod
Output only. The http method of the request that triggered the vulnerability, in uppercase.
Declaration
[JsonProperty("httpMethod")]
public virtual string HttpMethod { get; set; }Property Value
| Type | Description |
|---|---|
| string |
Name
Output only. The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system.
Declaration
[JsonProperty("name")]
public virtual string Name { get; set; }Property Value
| Type | Description |
|---|---|
| string |
OutdatedLibrary
Output only. An addon containing information about outdated libraries.
Declaration
[JsonProperty("outdatedLibrary")]
public virtual OutdatedLibrary OutdatedLibrary { get; set; }Property Value
| Type | Description |
|---|---|
| OutdatedLibrary |
ReproductionUrl
Output only. The URL containing human-readable payload that user can leverage to reproduce the vulnerability.
Declaration
[JsonProperty("reproductionUrl")]
public virtual string ReproductionUrl { get; set; }Property Value
| Type | Description |
|---|---|
| string |
Severity
Output only. The severity level of the reported vulnerability.
Declaration
[JsonProperty("severity")]
public virtual string Severity { get; set; }Property Value
| Type | Description |
|---|---|
| string |
TrackingId
Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.
Declaration
[JsonProperty("trackingId")]
public virtual string TrackingId { get; set; }Property Value
| Type | Description |
|---|---|
| string |
ViolatingResource
Output only. An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
Declaration
[JsonProperty("violatingResource")]
public virtual ViolatingResource ViolatingResource { get; set; }Property Value
| Type | Description |
|---|---|
| ViolatingResource |
VulnerableHeaders
Output only. An addon containing information about vulnerable or missing HTTP headers.
Declaration
[JsonProperty("vulnerableHeaders")]
public virtual VulnerableHeaders VulnerableHeaders { get; set; }Property Value
| Type | Description |
|---|---|
| VulnerableHeaders |
VulnerableParameters
Output only. An addon containing information about request parameters which were found to be vulnerable.
Declaration
[JsonProperty("vulnerableParameters")]
public virtual VulnerableParameters VulnerableParameters { get; set; }Property Value
| Type | Description |
|---|---|
| VulnerableParameters |
Xss
Output only. An addon containing information reported for an XSS, if any.
Declaration
[JsonProperty("xss")]
public virtual Xss Xss { get; set; }Property Value
| Type | Description |
|---|---|
| Xss |
Xxe
Output only. An addon containing information reported for an XXE, if any.
Declaration
[JsonProperty("xxe")]
public virtual Xxe Xxe { get; set; }Property Value
| Type | Description |
|---|---|
| Xxe |