Implemented a check to determine if unpublished knowledge articles are accessible. (#118)

* Implemented a check to determine if unpublished knowledge articles are accessible.

* Added new instance scan description to readme

Author: DanielMadsenDK

README.md

@@ -300,6 +300,9 @@ Use GlideRecordSecure API to ensure the security checks are performed and unauth
 ### For loop iterators "i" should be declared
 In general, variables in JavaScript should be properly declared (e.g. using “var”). The declaration defines the scope of the variable, ensuring it's accessible only within the intended block. This prevents unintended variable pollution and conflicts. Especially in for loops, often an iterator “i” is used and not properly declared. For example “for (i=0; i<10; i++)” instead of “for (var i=0; i<10; i++)”.  As a result, this could unintentionally alter the value of other 'i' iterators in different for loops.
 
+### Don't show unpublished knowledge articles
+Unpublished knowledge articles may contain sensitive information that should not be visible to anyone with read access. By preventing access to unpublished articles, reviewers are given the opportunity to verify the content before it is made accessible. This ensures that only properly reviewed and approved information is available to users with read access.
+
 ## Category: User Experience
 
 ### Added a Number Prefix which already exists

ca8467c41b9abc10ce0f62c3b24bcbaa/checksum.txt

@@ -0,0 +1 @@
+GMk-wMVtcl0e4HaeuZQZANxo2HAMeWyfhL8rbFLl_woCVyXOjsXdR7O1LSNRPaNARvxgRvjRsKeUMqXi-LPK4EoClDxNqk3Wx6qpPBGYVmhF9S7jsLROWoO5Rj1jiSisMbIsOVFuPN_ts_kAcUOlpwRSywuUD0Go7N2jHUFGg45f63KMtuZQRGtfAWwxSNNpZ9gtoq4JYulVrcmKdf_bKDyX1bSlzCzeXiL8ezaAI_l2Zj2hHdxsqF5hUEZLNFugquKGb_fR7WLoPsz2a8dJejAFgKLGI_Foz1ZekVncgM8k0Kbx13zj8ZYdn5BVnKE6gLQL12k2cr6Xr6ohpUJrLHpEdBaLri5zcAhQo35qtifNeIzKxZrfkoG72CJ2rgXkbjXwZjxVbQtwN1beAznnjjsw3nmQ7DyR3ytpRq_8X1nTg9NZ7qwmp8iYFEGm3A9vaZ2Gan1bgkcvFG5Kne80TqOTh2ev1oTZ1YI1xKYa7fQutdvMPSt-MEr5oj8Eu3uxtn0RVcKVMXOEh5WSDEBB69BmLGm1GIggD9gpCY6-a3_tvQ8Eb5CycVyH02LWYkgZJJOhB0ueIUo-_ldLl7BmTynkXFF0zouPxPQdKYb5jNfzXRi5p-okzqjdDsHP5XnV8ZnyEs_xdvSQHTHCnr7-AxjdnvzPtCTKH5mFzbLhID4

ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_script_only_check_46f6b819834592106137b6cfeeaad352.xml

@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_script_only_check">
+    <scan_script_only_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <category>security</category>
+        <description>Unpublished knowledge articles may contain sensitive information that should not be visible to anyone with read access. By preventing access to unpublished articles, reviewers are given the opportunity to verify the content before it is made accessible. This ensures that only properly reviewed and approved information is available to users with read access.</description>
+        <documentation_url>https://docs.servicenow.com/bundle/vancouver-servicenow-platform/page/product/knowledge-management/reference/r_KnowledgeProperties.html</documentation_url>
+        <finding_type>scan_finding</finding_type>
+        <name>Don't show unpublished knowledge articles</name>
+        <priority>2</priority>
+        <resolution_details>Set the glide.knowman.show_unpublished property to false.</resolution_details>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function(finding) {
+    var targetProperty = 'glide.knowman.show_unpublished';
+    var expectedValue = 'false';
+    var defaultValue = 'true';
+
+    var propertyValue = gs.getProperty(targetProperty, defaultValue);
+
+    if (propertyValue.toLowerCase() != expectedValue.toLowerCase()) {
+        var gr = new GlideRecord('sys_properties');
+        gr.get('name', targetProperty);
+        finding.setCurrentSource(gr);
+        finding.increment();
+    }
+})(finding);]]></script>
+        <short_description>Don't show unpublished knowledge articles</short_description>
+        <sys_class_name>scan_script_only_check</sys_class_name>
+        <sys_created_by>daniel.aagren.seehartrai.madsen</sys_created_by>
+        <sys_created_on>2024-10-03 18:56:04</sys_created_on>
+        <sys_id>46f6b819834592106137b6cfeeaad352</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>Don't show unpublished knowledge articles</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_script_only_check_46f6b819834592106137b6cfeeaad352</sys_update_name>
+        <sys_updated_by>daniel.aagren.seehartrai.madsen</sys_updated_by>
+        <sys_updated_on>2024-10-03 18:56:04</sys_updated_on>
+    </scan_script_only_check>
+    <sys_translated_text action="delete_multiple" query="documentkey=46f6b819834592106137b6cfeeaad352"/>
+    <sys_es_latest_script action="INSERT_OR_UPDATE">
+        <id>46f6b819834592106137b6cfeeaad352</id>
+        <sys_created_by>daniel.aagren.seehartrai.madsen</sys_created_by>
+        <sys_created_on>2024-10-03 18:56:04</sys_created_on>
+        <sys_id>6d677855834592106137b6cfeeaad3d3</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_updated_by>daniel.aagren.seehartrai.madsen</sys_updated_by>
+        <sys_updated_on>2024-10-03 18:56:04</sys_updated_on>
+        <table>scan_script_only_check</table>
+        <use_es_latest>true</use_es_latest>
+    </sys_es_latest_script>
+</record_update>