Add a CVSS 4 calc

Vulnogram · Mar 26, 2024 · 5c2e6ff · 5c2e6ff
1 parent 0f7c800
commit 5c2e6ff
Show file tree

Hide file tree

Showing 4 changed files with 377 additions and 9 deletions.
diff --git a/cve5.1/css/vg-icons.css b/cve5.1/css/vg-icons.css
diff --git a/cve5.1/cvss4.html b/cve5.1/cvss4.html
diff --git a/cve5.1/index.html b/cve5.1/index.html
@@ -225,7 +225,7 @@
   margin-bottom: 0.3em;
   margin-top: .3em;
 }
-</style><link href="./css/tagify.css" rel="stylesheet" type="text/css"></head><body class="cve" id="body"><div class="stk" id="vgHead"><header class="ban pad wht btm"><div class="left"><a class="fbn vgi-logo" title="Making the world safer one CVE at a time, since 2017" href="https://vulnogram.github.io">Vulnogram</a> <a class="fbn vgi-alert" title="CVE: Common Vulnerabilities and Exposures" href=".">CVE 5.1(beta)</a><a class="fbn vgi-alert" title="CVE: Common Vulnerabilities and Exposures" href="/">CVE 5 (Current)</a><a class="fbn vgi-alert" title="CVE: Common Vulnerabilities and Exposures" href="/cve4">CVE 4 (old)</a></div><div class="right"></div></header><header class="ban pad shd hig"><div class="left"><a class="fbn sfe" href="./">NEW</a><input class="hid" id="importJSON" type="file" accept="application/json" onchange="loadCVEFile(event,this);"><a class="fbn vgi-folder" type="file" onclick="importFile(event, this);">Open</a><a class="fbn vgi-download" type="button" oncontextmenu="downloadFile(event, this);" onclick="downloadFile(event, this);" value="Download">Download</a><button class="fbn sfe vgi-put" id="post1">Post to CVE.org</button></div><div class="right"><form class="indent out nobr" onsubmit="cveSelectLoad(event);return false;"><input class="txt lbl" id="cveEditable" type="search" name="id" list="editablelist" placeholder="CVE-yyyy-nnnn.." title="Load CVE for editing" required><datalist id="editablelist"></datalist><button class="btn vgi-in" type="submit">Load</button></form></div></header></div><script>var userUsername = ""
+</style><link href="./css/tagify.css" rel="stylesheet" type="text/css"></head><body class="cve" id="body"><div class="stk" id="vgHead"><header class="ban pad wht btm"><div class="left"><a class="fbn vgi-logo" title="Making the world safer one CVE at a time, since 2017" href="https://vulnogram.github.io">Vulnogram</a> <a class="fbn vgi-alert" title="CVE: Common Vulnerabilities and Exposures" href=".">CVE 5.1(beta)</a><a class="fbn vgi-cvss-logo" title="Common Vulnerability Scoring System" href="/cvss4/">CVSS 4.0</a><a class="fbn vgi-alert" title="CVE: Common Vulnerabilities and Exposures" href="/">CVE 5 (Current)</a><a class="fbn vgi-alert" title="CVE: Common Vulnerabilities and Exposures" href="/cve4">CVE 4 (old)</a></div><div class="right"></div></header><header class="ban pad shd hig"><div class="left"><a class="fbn sfe" href="./">NEW</a><input class="hid" id="importJSON" type="file" accept="application/json" onchange="loadCVEFile(event,this);"><a class="fbn vgi-folder" type="file" onclick="importFile(event, this);">Open</a><a class="fbn vgi-download" type="button" oncontextmenu="downloadFile(event, this);" onclick="downloadFile(event, this);" value="Download">Download</a><button class="fbn sfe vgi-put" id="post1">Post to CVE.org</button></div><div class="right"><form class="indent out nobr" onsubmit="cveSelectLoad(event);return false;"><input class="txt lbl" id="cveEditable" type="search" name="id" list="editablelist" placeholder="CVE-yyyy-nnnn.." title="Load CVE for editing" required><datalist id="editablelist"></datalist><button class="btn vgi-in" type="submit">Load</button></form></div></header></div><script>var userUsername = ""
 </script><div class="pad ban messagebar"><div class="left tred" id="errMsg"></div><div class="right" id="infoMsg"></div></div><div class="pad"><script>var iconMap = {"Platforms":"stack","References":"ext","Versions":"versions","Timeline":"time","Solution":"safe","ID":"tag","Tags":"tag","Advisory-ID":"tag","ASSIGNER":"user","ASSIGNER_SHORT_NAME":"user","DATE_PUBLIC":"cal","TITLE":"title","Published":"cal","product_name":"package","Found during":"info","CNA_private":"lock","TYPE":"bucket","unsure":"what","no-vuln":"safe","advisory":"alert","no-advisory":"no","doc":"text","misc":"misc","duplicate":"ext","CVE_data_meta":"info","STATE":"knob","new":"inbox","closed":"closed","open":"inbox1","draft":"text","review":"eye","waiting":"wait","pending":"cal","vectorString":"title","baseScore":"dial","baseSeverity":"knob","scenario":"text","source":"info","descriptions":"text","affected":"impact","Vendors":"factory","references":"ext","impacts":"impact","metrics":"dial","Configuration":"cog","Defect":"bug","INTERNAL":"hardhat","EXTERNAL":"hat","USER":"cap","UNKNOWN":"what"}</script><script>var currentYear = new Date().getFullYear();
 const defaultTimeout = 1000 * 60 * 60; // one hour timeout
 
@@ -3245,18 +3245,20 @@
 async function cveAddUser(f) {
     if (validateForm(f)) {
         try {
-            var ret = await csClient.createOrgUser({
+            const userFields = {
                 "username": f.new_username.value,
                 "name": {
                     "first": f.first.value,
                     "last": f.last.value
                 },
                 "authority": {
-                    "active_roles": [
-                        "ADMIN"
-                    ]
+                    "active_roles": []
                 }
-            });
+            }
+            if (f.admin.checked) {
+              userFields.authority.active_roles.push("ADMIN")
+            }
+            var ret = await csClient.createOrgUser(userFields);
             if (ret.created && ret.created.secret) {
                 document.getElementById('userAddDialog').close();
                 document.getElementById("secretDialogForm").pass.value = ret.created.secret;
@@ -3643,7 +3645,8 @@
     } catch (e) {
         portalErrorHandler(e);
     }
-}</script><script>function pug_attr(t,e,n,r){if(!1===e||null==e||!e&&("class"===t||"style"===t))return"";if(!0===e)return" "+(r?t:t+'="'+t+'"');var f=typeof e;return"object"!==f&&"function"!==f||"function"!=typeof e.toJSON||(e=e.toJSON()),"string"==typeof e||(e=JSON.stringify(e),n||-1===e.indexOf('"'))?(n&&(e=pug_escape(e))," "+t+'="'+e+'"'):" "+t+"='"+e.replace(/'/g,"&#39;")+"'"}
+}
+</script><script>function pug_attr(t,e,n,r){if(!1===e||null==e||!e&&("class"===t||"style"===t))return"";if(!0===e)return" "+(r?t:t+'="'+t+'"');var f=typeof e;return"object"!==f&&"function"!==f||"function"!=typeof e.toJSON||(e=e.toJSON()),"string"==typeof e||(e=JSON.stringify(e),n||-1===e.indexOf('"'))?(n&&(e=pug_escape(e))," "+t+'="'+e+'"'):" "+t+"='"+e.replace(/'/g,"&#39;")+"'"}
 function pug_classes(s,r){return Array.isArray(s)?pug_classes_array(s,r):s&&"object"==typeof s?pug_classes_object(s):s||""}
 function pug_classes_array(r,a){for(var s,e="",u="",c=Array.isArray(a),g=0;g<r.length;g++)(s=pug_classes(r[g]))&&(c&&a[g]&&(s=pug_escape(s)),e=e+u+s,u=" ");return e}
 function pug_classes_object(r){var a="",n="";for(var o in r)o&&r[o]&&pug_has_own_property.call(r,o)&&(a=a+n+o,n=" ");return a}

diff --git a/cve5.1/js/editor.js b/cve5.1/js/editor.js