drop precision to low for now

2026-04-29 18:55:14 +02:00 · 2022-06-18 18:38:58 +00:00
parent 059c4d38ad
commit 8b36191023
1 changed files with 2 additions and 2 deletions
--- a/ruby/ql/src/experimental/manually-check-http-verb/ManuallyCheckHttpVerb.ql
+++ b/ruby/ql/src/experimental/manually-check-http-verb/ManuallyCheckHttpVerb.ql
@@ -3,8 +3,8 @@
 * @description Manually checking HTTP verbs is an indication that multiple requests are routed to the same controller action. This could lead to bypassing necessary authorization methods and other protections, like CSRF protection. Prefer using different controller actions for each HTTP method and relying Rails routing to handle mappting resources and verbs to specific methods.
 * @kind problem
 * @problem.severity error
- * @security-severity 7.0
- * @precision medium
+ * @security-severity 5.0
+ * @precision low
 * @id rb/manually-checking-http-verb
 * @tags security
 */