APAR status
Closed as program error.
Error description
Run Scan Next Go to Tools ? Generate Report Select CWS SANS Top 25 2010 report and click Next Specify to html format Include the source code surrounding each finding @5 and 5 Include trace data Definitive Click Finish When prompted that the source cannot be found click No to discover In the IE window that appears, attempt to expand the FIRST twisty under ''CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')' Notice that you cannot expand and view the 78 findings nor can you collapse the CWE entry itself. This problem is not appear to be present for any other items on the generated page.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: * **************************************************************** * PROBLEM DESCRIPTION: * **************************************************************** * RECOMMENDATION: * **************************************************************** One of the twisties in CWS SANS Top 25 2010 report wasn't working correctly.
Problem conclusion
It has been fixed in the code.
Temporary fix
Comments
APAR Information
APAR number
PI09179
Reported component name
SEC APPSCAN SRC
Reported component ID
5724Z3400
Reported release
880
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2014-01-08
Closed date
2014-04-01
Last modified date
2014-04-01
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SEC APPSCAN SRC
Fixed component ID
5724Z3400
Applicable component levels
R880 PSN
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSS9LM","label":"IBM Security AppScan Source for Automation"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"880","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Document Information
Modified date:
12 December 2021