🐛 WFuzz: Add additional severity mappings (#9486)

* 🐛 fix wfuzz, issue #7863

* add 302

* update docs

docs/content/en/integrations/parsers/file/wfuzz.md

@@ -9,8 +9,10 @@ The return code matching are directly put in Severity as follow(this is hardcode
 HTTP Return Code | Severity
 -----------------|---------
 200              |  High
+302              |  Low
 401              |  Medium
 403              |  Medium
+404              |  Medium
 407              |  Medium
 500              |  Low
 

dojo/tools/wfuzz/parser.py

@@ -13,10 +13,12 @@ class WFuzzParser(object):
     # table to match HTTP error code and severity
     SEVERITY = {
         "200": "High",
-        "500": "Low",
+        "302": "Low",
         "401": "Medium",
-        "407": "Medium",
         "403": "Medium",
+        "404": "Medium",
+        "407": "Medium",
+        "500": "Low"
     }
 
     def get_scan_types(self):

unittests/scans/wfuzz/issue_7863.json

@@ -0,0 +1,14 @@
+[
+  {
+    "chars": 2823,
+    "code": 404,
+    "payload": "/server-status | GET /server-status HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: Wfuzz/3.1.0\nHost: example.com\n\n",
+    "lines": 0,
+    "location": "",
+    "method": "GET",
+    "post_data": [],
+    "server": "",
+    "url": "https://example.com/server-status",
+    "words": 60
+  }
+]

unittests/tools/test_wfuzz_parser.py

@@ -37,3 +37,13 @@ def test_one_dup_finding(self):
             for endpoint in finding.unsaved_endpoints:
                 endpoint.clean()
         self.assertEqual(4, len(findings))
+
+    def test_issue_7863(self):
+        testfile = open("unittests/scans/wfuzz/issue_7863.json")
+        parser = WFuzzParser()
+        findings = parser.get_findings(testfile, Test())
+        for finding in findings:
+            for endpoint in finding.unsaved_endpoints:
+                endpoint.clean()
+        self.assertEqual(1, len(findings))
+        self.assertEqual("Medium", findings[0].severity)