Class Finding
A Finding resource represents a vulnerability instance identified during a ScanRun.
Implements
Inherited Members
Namespace: Google.Apis.WebSecurityScanner.v1alpha.Data
Assembly: Google.Apis.WebSecurityScanner.v1alpha.dll
Syntax
public class Finding : IDirectResponseSchema
Properties
Body
The body of the request that triggered the vulnerability.
Declaration
[JsonProperty("body")]
public virtual string Body { get; set; }
Property Value
Type | Description |
---|---|
string |
Description
The description of the vulnerability.
Declaration
[JsonProperty("description")]
public virtual string Description { get; set; }
Property Value
Type | Description |
---|---|
string |
ETag
The ETag of the item.
Declaration
public virtual string ETag { get; set; }
Property Value
Type | Description |
---|---|
string |
FinalUrl
The URL where the browser lands when the vulnerability is detected.
Declaration
[JsonProperty("finalUrl")]
public virtual string FinalUrl { get; set; }
Property Value
Type | Description |
---|---|
string |
FindingType
The type of the Finding.
Declaration
[JsonProperty("findingType")]
public virtual string FindingType { get; set; }
Property Value
Type | Description |
---|---|
string |
FrameUrl
If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.
Declaration
[JsonProperty("frameUrl")]
public virtual string FrameUrl { get; set; }
Property Value
Type | Description |
---|---|
string |
FuzzedUrl
The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.
Declaration
[JsonProperty("fuzzedUrl")]
public virtual string FuzzedUrl { get; set; }
Property Value
Type | Description |
---|---|
string |
HttpMethod
The http method of the request that triggered the vulnerability, in uppercase.
Declaration
[JsonProperty("httpMethod")]
public virtual string HttpMethod { get; set; }
Property Value
Type | Description |
---|---|
string |
Name
The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system.
Declaration
[JsonProperty("name")]
public virtual string Name { get; set; }
Property Value
Type | Description |
---|---|
string |
OutdatedLibrary
An addon containing information about outdated libraries.
Declaration
[JsonProperty("outdatedLibrary")]
public virtual OutdatedLibrary OutdatedLibrary { get; set; }
Property Value
Type | Description |
---|---|
OutdatedLibrary |
ReproductionUrl
The URL containing human-readable payload that user can leverage to reproduce the vulnerability.
Declaration
[JsonProperty("reproductionUrl")]
public virtual string ReproductionUrl { get; set; }
Property Value
Type | Description |
---|---|
string |
TrackingId
The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.
Declaration
[JsonProperty("trackingId")]
public virtual string TrackingId { get; set; }
Property Value
Type | Description |
---|---|
string |
ViolatingResource
An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
Declaration
[JsonProperty("violatingResource")]
public virtual ViolatingResource ViolatingResource { get; set; }
Property Value
Type | Description |
---|---|
ViolatingResource |
VulnerableHeaders
An addon containing information about vulnerable or missing HTTP headers.
Declaration
[JsonProperty("vulnerableHeaders")]
public virtual VulnerableHeaders VulnerableHeaders { get; set; }
Property Value
Type | Description |
---|---|
VulnerableHeaders |
VulnerableParameters
An addon containing information about request parameters which were found to be vulnerable.
Declaration
[JsonProperty("vulnerableParameters")]
public virtual VulnerableParameters VulnerableParameters { get; set; }
Property Value
Type | Description |
---|---|
VulnerableParameters |
Xss
An addon containing information reported for an XSS, if any.
Declaration
[JsonProperty("xss")]
public virtual Xss Xss { get; set; }
Property Value
Type | Description |
---|---|
Xss |