Summit 2011 Working Sessions/Session203/Deliverable 2

Open Web Application Security Program - Security Bulletin     [RELEASEDATE] FLAW TITLE (CVE-????) SUMMARY Short description of the flaw and how it was discovered. CVSS SCORE (Overall Score in Parenthesis) Calculated at http://nvd.nist.gov/cvss.cfm?calculator&version=2 CVSS Base Score ?      Impact Subscore ?     Exploitability Subscore ? CVSS Temporal Score ?  CVSS Environmental Score Undefined (We can't calculate environmental factors) Overall CVSS Score ? DETAILS Details of the flaw, including research notes should go into this section. IMPACT Potential impact of the flaw should be described here LIKELIHOOD OF EXPLOIT Likelihood that the flaw would be exploited should go here. Details such as whether the flaw is in the wild, if proof of concept code exists, if that code is publicly available or has been released, and other factors relating to the likelihood of the flaw being exploted should all be disclosed here. AFFECTED VERSIONS Projects and versions that are vulnerable ISSUE TRACKER LINKS Links to issues in the project(s) issue trackers should be listed here WORKAROUND If a workaround solution exists, it should be detailed here PERMANENT RESOLUTION If a permanent solution exists, it should be detailed here OWASP Projects Security Disclosure Group vulns@owasp.org PGP: ????