fix: add CWE mapping for SQL injections and clean up redundant XSS false-positive check

cakmoel · cakmoel · commit f7219a7bd8d9 · 2026-04-29T21:02:29.000+07:00
diff --git a/config.py b/config.py
@@ -525,6 +525,7 @@ class OWASP:
 CWE_MAPPINGS = {
     "xss": ["CWE-79", "CWE-80", "CWE-81", "CWE-82", "CWE-83", "CWE-84", "CWE-85"],
     "sqli": ["CWE-89", "CWE-90", "CWE-564", "CWE-656"],
+    "sql": ["CWE-89", "CWE-90", "CWE-564", "CWE-656"],
     "idor": ["CWE-639", "CWE-22", "CWE-862"],
     "csrf": ["CWE-352"],
     "ssrf": ["CWE-918"],
diff --git a/socrates-blade.py b/socrates-blade.py
@@ -416,12 +416,6 @@ def test_xss(self, url, params, method='GET'):
                         if self.is_false_positive(url, param, payload):
                             continue
                         
-                        # Check if it's in a dangerous context (not escaped)
-                        # Look for unescaped < and > characters
-                        if '<' in payload and f'&lt;{payload.replace("<", "")}' in resp.text:
-                            # Safe - was HTML-escaped
-                            continue
-                        
                         self.add_finding(
                             'Reflected XSS',
                             url,
