How to calculate CVSS score of a finding detected in the source code?
While I was doing source code review of API handlers for REST APIs, I found a security issue.
This issue is that some methods have the annotation @PreAuthorize("permitAll()").
If I want to document this as a finding and give it a… Continue reading How to calculate CVSS score of a finding detected in the source code?