Fixed item numbering.

2018-08-28 00:11:38 +01:00 · 2018-08-28 00:11:38 +01:00 · 965c74706b
parent dadda68b9b
commit 965c74706b
1 changed files with 6 additions and 6 deletions
--- a/doc/exercises/01-static-analysis-with-breakman.md
+++ b/doc/exercises/01-static-analysis-with-breakman.md
@ -32,10 +32,10 @@ Brakeman will report two possible cross-site scripting vulnerabilities *in DVGM
 itself*. We will look more closely at the one that possibly affects logged-in
 lecturers.

-1. In which file and line is the possible XSS vulnerability located?
-2. What action in what part of the app triggers the flagged line?
-3. Is the vulnerability exploitable? If yes, write an exploit and test it.
-4. If it is exploitable, how would a possible fix look like? Try the fix by
+5. In which file and line is the possible XSS vulnerability located?
+6. What action in what part of the app triggers the flagged line?
+7. Is the vulnerability exploitable? If yes, write an exploit and test it.
+8. If it is exploitable, how would a possible fix look like? Try the fix by
   changing the source code of DVGM (the changes are automatically picked up).
   See if your exploit still works. Do not forget to revert all changes afterwards,
   as we will also use other tools.
@ -45,5 +45,5 @@ lecturers.
 Brakeman will also report (at least) two possible Cross-Site Scripting
 vulnerabilities in dependencies.

-1. Which dependencies are affected?
-2. Is DVGM likely to be affected by the reported CVEs?
+ 9. Which dependencies are affected?
+10. Is DVGM likely to be affected by the reported CVEs?