Community Edition Security Hotspot Query

I am using the SonarQube Community Version and have a doubt regarding the security hotspots and Vulnerabilities .
Does Community version cover all OWASP Top 10 and Sans 25 Vulnerabilties or only the Enterprise and Developer edition covers these above vulnerabilities ?
If no then what vulnerabilities does Community version cover ?
Does Community version cover Xpath Injections as well ?

Hello Ramkumar and welcome to the community!

The Community Edition includes all hotspots for supported languages. It also includes many vulnerabilities but not all of them. Namely, it does not include injection vulnerabilities like Xpath injection. This is available starting from the Developer Edition. You can find a list of all hotspots and vulnerabilities here. At the bottom of a rule you can see what version is required (Available In).

1 Like

Thanks a lot . I saw this link beforehand but didnt see that it was mentioned about which version it is available . thanks for helping me see that :slight_smile: That solved my question.

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.