CWSSv1 Calc integration #539
Comments
|
I have just spotted a calculations issue in the JS I submitted so bare with me on that bit, but in the meantime. Any thoughts or comments on adding this / how to progress it further (as, sorry, I will not likely be able to create a full on PR for it). |
|
That sounds great to me. Thanks for submitting the POC JavaScript! As mentioned in the CVSS PR, the biggest thing will be JavaScript. If we can get a calculator working, the rest shouldn't be too difficult. |
|
OK, please discard the first file I provided - this one I am fairly sure works as planned. Probably worth someone else testing that I have the calculations correct though. |
|
Hi all. What can I do to move this little one along? |
|
Hello everyone! I'm interested in this topic since I'd like to have another risk calculator. I'm looking for the OWASP risk calculator and I saw that there are already a lot of JavaScript implementation of it. What would you like me to do for getting this calculator? Should I just provide you a simple JS PoC of it? Thanks!! |
Is your feature request related to a problem? Please describe.
Following on from the recent work on CVSSv4 integration it would be great to introduce another calculator into the mix. I have often looked at CWSS as a way of helping people get their heads round issues that aren't direct vulnerabilities but are instead related to defence in depth. My experience of CVSS is that you either leave it out or you shoe-horn it in and neither really cuts it. CWSS, whilst a little old, potentially offers a more repeatable and objective method for quantifying these circumstance.
Describe the solution you'd like
It would be great if we could add a new tab to the new CVSS calculator for CWSSv1. In a previous PR I raised this and it was suggested that to make this happen the biggest piece of work would be the creation of a CWSS JavaScript calculator. I had a look around and there appears to be only one of these online at the moment and it isn't marked as free to use. I have then spent time writing a new JavaScript calculator which I believe works correctly etc. (Please see attached).
CWSScalc.html.txt
(In "txt" format for upload to GitHub without potential for execution)
The text was updated successfully, but these errors were encountered: