Get Short Vulnerability Description for a Scan Result – GET /sast/scans/{id}/results/{pathId}/shortDescription (v9.0.0 and up)

    Get the short version of a vulnerability description for a specific scan result.

Usage

  1. GET /reports/sastScans/{id}/status and get the status of the specific report
  2. GET /reports/sastScans/{id} and get the report when ready
  3. GET /sast/scans/{id}/results/{pathId}/shortDescription and get the short version of the vulnerability description for a specific scan result

URL

http://localhost/cxrestapi/sast/scans/{id}/results/{pathId}/shortDescription

Method:

GET

Media Type (header):

Authorization: Bearer <access token value>
Content-Type: application/json;v=1.0

Parameters

Required:

id=[integer] – Unique Id of the scan
pathId=[integer] – Unique Id of the result path

Curl Sample:

curl -X GET --header 'Accept: application/json' --header 'CXCSRFToken: 27e4968009e140888c017a4bf639d80e' --header 'Authorization: Bearer <access token>' 'http://localhost/cxrestapi/sast/scans/1000002/results/1/shortDescription'

Sample Response:

{
  "shortDescription": "The application's main method receives an dynamically executes user-controlled code using line 9 of \\Code_Injection\\1\\code_injection.java. This could enable an attacker to inject and run arbitrary code. The attacker can inject the executed code via user input, which is retrieved by the application in the main method, at line 4 of \\Code_Injection\\1\\code_injection.java.\n"
}

Success Response:

Code: 200 OK

Error Response:

Code: 400 Bad Request
Code: 404 Not Found

Notes:

Retrieves the short version of the vulnerability description for a specific scan result. If the request fails, it returns an error response.
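
Python Sample (added example, not part of the original documentation):

A client for this endpoint that accepts only integer id and pathId values, so nothing but digits is placed in the URL path, and maps the documented 200, 400 and 404 codes to a result or an exception. The function names and the CX_TOKEN environment variable are assumptions; the host and headers follow the curl sample.

```python
import json
import os
import urllib.error
import urllib.request

BASE_URL = "http://localhost/cxrestapi"  # host from the page's sample; change for your server


def build_request(scan_id, path_id, token, base_url=BASE_URL):
    """Build the GET request; id and pathId must be integers, as the page requires."""
    for name, value in (("id", scan_id), ("pathId", path_id)):
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(value, bool) or not isinstance(value, int):
            raise ValueError(f"{name} must be an integer, got {value!r}")
    url = f"{base_url}/sast/scans/{scan_id}/results/{path_id}/shortDescription"
    headers = {
        "Authorization": f"Bearer {token}",
        "Accept": "application/json",
    }
    return urllib.request.Request(url, headers=headers, method="GET")


def parse_response(status, body):
    """Map the status codes listed on this page to a result or an exception."""
    if status == 200:
        return json.loads(body)["shortDescription"]
    if status == 400:
        raise ValueError("400 Bad Request: check id and pathId")
    if status == 404:
        raise LookupError("404 Not Found: no such scan or result path")
    raise RuntimeError(f"unexpected HTTP status {status}")


def get_short_description(scan_id, path_id, token, base_url=BASE_URL):
    """Call the endpoint and return the short description text."""
    req = build_request(scan_id, path_id, token, base_url)
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return parse_response(resp.status, resp.read())
    except urllib.error.HTTPError as err:
        # urllib raises for 4xx/5xx; route those through the same mapping.
        return parse_response(err.code, err.read())


if __name__ == "__main__":
    # CX_TOKEN is a hypothetical variable name; keep the token out of source code.
    print(get_short_description(1000002, 1, os.environ["CX_TOKEN"]))
```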