Goal
Independently verify one existing CWE to OWASP Top 10 mapping and move it from maintainer-policy-reviewed to community-verified.
CodeInspectus currently reports the verification state honestly; community review is needed before any mapping can carry the strongest status.
Acceptance criteria
- Choose one mapping currently documented in
docs/COMPLIANCE-RATIONALE.md.
- Cite the relevant primary OWASP source and include a short supporting excerpt within copyright limits.
- Explain why the specific CWE/rule belongs under that OWASP category; do not rely on name similarity alone.
- Update the mapping state and the aggregate verification count in every documented location.
- Use the compliance-mapping PR template.
- Do not change detection behavior in this contribution.
Goal
Independently verify one existing CWE to OWASP Top 10 mapping and move it from
maintainer-policy-reviewedtocommunity-verified.CodeInspectus currently reports the verification state honestly; community review is needed before any mapping can carry the strongest status.
Acceptance criteria
docs/COMPLIANCE-RATIONALE.md.