Bug description
When Wfuzz json report contains 404 or 302 HTTP return codes, import doesn't work.
Steps to reproduce
Steps to reproduce the behavior:
- Go to Engagement
- Click on Import Scan
- Choose Wfuzz JSON
- Create a Wfuzz JSON Report, e.g.
wfuzz -o json -f ./wfuzz.json,json -c -w /usr/share/wordlists/seclists/Discovery/Web-Content/common.txt --hc 500 https://123.123.123.123/FUZZ
- Import wfuzz.json
- Get an error
Expected behavior
Import of all findings from the Wfuzz json file.
Deployment method (select with an X)
Environment information
- DefectDojo version v. 2.16.2 ( release mode )
Logs
File "/app/./dojo/engagement/views.py", line 669, in import_scan_results
test, finding_count, closed_finding_count, _ = importer.import_scan(scan, scan_type, engagement, user, environment, active=active, verified=verified, tags=tags,
File "/app/./dojo/importers/importer/importer.py", line 304, in import_scan
parsed_findings = parser.get_findings(scan, test)
File "/app/./dojo/tools/wfuzz/parser.py", line 40, in get_findings
severity = self.SEVERITY[return_code]
KeyError: '404'
[pid: 37|app: -|req: -/-] 123.123.123.123 (admin) {50 vars in 1207 bytes} [Fri Mar 17 15:58:27 2023] POST /engagement/39/import_scan_results => generated 110216 bytes in 168 msec
Bug description
When Wfuzz json report contains 404 or 302 HTTP return codes, import doesn't work.
Steps to reproduce
Steps to reproduce the behavior:
Expected behavior
Import of all findings from the Wfuzz json file.
Deployment method (select with an
X)Environment information
Logs