Merge pull request #3386 from zapbot/update-data

thc202 · web-flow · commit e802a20f59b3 · 2025-11-07T15:01:51.000Z
Update data
diff --git a/site/content/docs/desktop/addons/authentication-helper/_index.md b/site/content/docs/desktop/addons/authentication-helper/_index.md
@@ -6,7 +6,7 @@ weight: 1
 cascade:
   addon:
     id: authhelper
-    version: 0.31.0
+    version: 0.32.0
 ---
 
 # Authentication Helper
diff --git a/site/content/docs/desktop/addons/automation-framework/_index.md b/site/content/docs/desktop/addons/automation-framework/_index.md
@@ -6,7 +6,7 @@ weight: 1
 cascade:
   addon:
     id: automation
-    version: 0.55.0
+    version: 0.56.0
 ---
 
 # Automation Framework
@@ -21,6 +21,7 @@ It provides the following command line options:
 * -autogenmin \<filename\> Generate template automation file with the key parameters.
 * -autogenmax \<filename\> Generate template automation file with all parameters.
 * -autogenconf \<filename\> Generate template automation file using the current configuration.
+* -autocheck \<source\> Check the specified automation plan in the file or from the URL.
 
 ### Exit Codes {#exit-codes}
 
diff --git a/site/content/docs/desktop/addons/report-generation/_index.md b/site/content/docs/desktop/addons/report-generation/_index.md
@@ -6,7 +6,7 @@ weight: 1
 cascade:
   addon:
     id: reports
-    version: 0.41.0
+    version: 0.42.0
 ---
 
 # Report Generation
diff --git a/site/content/docs/desktop/addons/report-generation/report-traditional-json-plus.md b/site/content/docs/desktop/addons/report-generation/report-traditional-json-plus.md
@@ -40,6 +40,7 @@ type: userguide
                     "instances":[
                         {
                             "uri": "http://localhost:8080/bodgeit/search.jsp?q=%3C%2Ffont%3E%3CscrIpt%3Ealert%281%29%3B%3C%2FscRipt%3E%3Cfont%3E",
+                            "nodeName": "http://localhost:8080/bodgeit/search.jsp (q)",
                             "method": "GET",
                             "param": "q",
                             "attack": "</font><scrIpt>alert(1);</scRipt><font>",
@@ -52,6 +53,7 @@ type: userguide
                         },
                         {
                             "uri": "http://localhost:8080/bodgeit/contact.jsp",
+                            "nodeName": "http://localhost:8080/bodgeit/contact.jsp",
                             "method": "POST",
                             "param": "comments",
                             "attack": "</td><scrIpt>alert(1);</scRipt><td>",
@@ -64,6 +66,7 @@ type: userguide
                         }
                     ],                   
                     "count": "2", 
+                    "systemic": false, 
                     "solution": "<p>Phase: Architecture and Design</p><p>Use a vetted library or framework that does not ...</p>",
                     "otherinfo": "",
                     "reference": "<p>http://projects.webappsec.org/Cross-Site-Scripting</p><p>http://cwe.mitre.org/data/definitions/79.html</p>",
diff --git a/site/content/docs/desktop/addons/report-generation/report-traditional-json.md b/site/content/docs/desktop/addons/report-generation/report-traditional-json.md
@@ -32,6 +32,7 @@ type: userguide
                     "instances":[
                         {
                             "uri": "http://localhost:8080/bodgeit/search.jsp?q=%3C%2Ffont%3E%3CscrIpt%3Ealert%281%29%3B%3C%2FscRipt%3E%3Cfont%3E",
+                            "nodeName": "http://localhost:8080/bodgeit/search.jsp (q)",
                             "method": "GET",
                             "param": "q",
                             "attack": "</font><scrIpt>alert(1);</scRipt><font>",
@@ -40,6 +41,7 @@ type: userguide
                         },
                         {
                             "uri": "http://localhost:8080/bodgeit/contact.jsp",
+                            "nodeName": "http://localhost:8080/bodgeit/contact.jsp",
                             "method": "POST",
                             "param": "comments",
                             "attack": "</td><scrIpt>alert(1);</scRipt><td>",
@@ -48,6 +50,7 @@ type: userguide
                         }
                     ],                   
                     "count": "2", 
+                    "systemic": false, 
                     "solution": "<p>Phase: Architecture and Design</p><p>Use a vetted library or framework that does not ...</p>",
                     "otherinfo": "",
                     "reference": "<p>http://projects.webappsec.org/Cross-Site-Scripting</p><p>http://cwe.mitre.org/data/definitions/79.html</p>",
diff --git a/site/content/docs/desktop/addons/report-generation/report-traditional-markdown.md b/site/content/docs/desktop/addons/report-generation/report-traditional-markdown.md
@@ -68,18 +68,21 @@ CSRF attacks are effective in a number of situations, including:
 CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.
 
 * URL: http://localhost:8080/bodgeit/advanced.jsp
+  * Node Name: http://localhost:8080/bodgeit/advanced.jsp
   * Method: `GET`
   * Parameter: ``
   * Attack: ``
   * Evidence: `<form id="advanced" name="advanced" method="POST" onsubmit="return validateForm(this);false;">`
   * Other Info: ``
 * URL: http://localhost:8080/bodgeit/advanced.jsp
+  * Node Name: http://localhost:8080/bodgeit/advanced.jsp
   * Method: `GET`
   * Parameter: ``
   * Attack: ``
   * Evidence: `<form id="query" name="advanced" method="POST">`
   * Other Info: ``
 * URL: http://localhost:8080/bodgeit/basket.jsp
+  * Node Name: http://localhost:8080/bodgeit/basket.jsp
   * Method: `GET`
   * Parameter: ``
   * Attack: ``
diff --git a/site/content/docs/desktop/addons/report-generation/report-traditional-xml-plus.md b/site/content/docs/desktop/addons/report-generation/report-traditional-xml-plus.md
@@ -28,6 +28,7 @@ type: userguide
                                                                 
                                                                         <instance>
                                                                                 <uri>http://localhost:8080/bodgeit/js</uri>
+                                                                                <nodeName>http://localhost:8080/bodgeit/js</nodeName>
                                                                                 <method>GET</method>
                                                                                 <param></param>
                                                                                 <attack></attack>
@@ -61,6 +62,7 @@ type: userguide
                                                                 
                                                                         <instance>
                                                                                 <uri>http://localhost:8080/bodgeit/js/util.js</uri>
+                                                                                <nodeName>http://localhost:8080/bodgeit/js/util.js</nodeName>
                                                                                 <method>GET</method>
                                                                                 <param></param>
                                                                                 <attack></attack>
@@ -157,6 +159,7 @@ type: userguide
                                                                 
                                                         </instances>
                                                         <count>3</count>
+                                                        <systemic>false</systemic>
                                                         <solution></solution>
                                                         <otherinfo>NOTE: Because of its name this cookie may be important, but dropping it appears to have no effect: [JSESSIONID] 
         Cookies that don&apos;t have expected effects can reveal flaws in application logic. In the worst case, this can reveal where authentication via cookie token(s) is not actually enforced.
diff --git a/site/content/docs/desktop/addons/report-generation/report-traditional-xml.md b/site/content/docs/desktop/addons/report-generation/report-traditional-xml.md
@@ -26,9 +26,9 @@ type: userguide
                         <confidencedesc>Medium</confidencedesc>
                         <desc><p>A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge...</desc>
                         <instances>
-
                                 <instance>
                                     <uri>http://localhost:8080/bodgeit/advanced.jsp</uri>
+                                    <nodeName>http://localhost:8080/bodgeit/advanced.jsp</nodeName>
                                     <method>GET</method>
                                     <param></param>
                                     <attack></attack>
@@ -38,6 +38,7 @@ type: userguide
 
                                 <instance>
                                     <uri>http://localhost:8080/bodgeit/advanced.jsp</uri>
+                                    <nodeName>http://localhost:8080/bodgeit/advanced.jsp</nodeName>
                                     <method>GET</method>
                                     <param></param>
                                     <attack></attack>
@@ -47,12 +48,16 @@ type: userguide
 
                                 <instance>
                                     <uri>http://localhost:8080/bodgeit/basket.jsp</uri>
+                                    <nodeName>http://localhost:8080/bodgeit/basket.jsp</nodeName>
                                     <method>GET</method>
                                     <param></param>
                                     <attack></attack>
                                     <evidence><form action="basket.jsp" method="post"></evidence>
                                     <otherinfo></otherinfo>
                                 </instance>
-
+                        <count>2</count>
+                        <systemic>false</systemic>
+                        <solution>The solution</solution>
+                        <otherinfo>The other info</otherinfo>
 
 ```
diff --git a/site/content/docs/sbom/authhelper.md b/site/content/docs/sbom/authhelper.md
@@ -6,10 +6,10 @@ weight: 1
 cascade:
   addon:
     id: authhelper
-    version: 0.31.0
+    version: 0.32.0
 sbom:
   format: CycloneDX
-  downloadUrl: https://github.com/zaproxy/zap-extensions/releases/download/authhelper-v0.31.0/bom.json
+  downloadUrl: https://github.com/zaproxy/zap-extensions/releases/download/authhelper-v0.32.0/bom.json
   components:
   - name: aopalliance
     version: '1.0'
@@ -42,7 +42,7 @@ sbom:
     version: '1.9'
     licenses: Apache-2.0
   - name: automation
-    version: 0.55.0
+    version: 0.56.0
     licenses: ''
   - name: batik-anim
     version: '1.19'
diff --git a/site/content/docs/sbom/automation.md b/site/content/docs/sbom/automation.md
@@ -6,10 +6,10 @@ weight: 1
 cascade:
   addon:
     id: automation
-    version: 0.55.0
+    version: 0.56.0
 sbom:
   format: CycloneDX
-  downloadUrl: https://github.com/zaproxy/zap-extensions/releases/download/automation-v0.55.0/bom.json
+  downloadUrl: https://github.com/zaproxy/zap-extensions/releases/download/automation-v0.56.0/bom.json
   components:
   - name: apiguardian-api
     version: 1.1.2
diff --git a/site/content/docs/sbom/reports.md b/site/content/docs/sbom/reports.md
diff --git a/site/data/addons.yaml b/site/data/addons.yaml
