Vulnerability Templates
Vulnerability templates define the structure and fields for a category of vulnerabilities. They control what information is captured when someone creates a vulnerability or adds a finding to a report.
What templates do
Each vulnerability template defines:
- A name and description for the category (e.g. "Web Application", "AWS Cloud", "Active Directory")
- The fields that vulnerabilities in this category should have
- The supported languages for multi-language content
- A link to one or more report templates that use this vulnerability template
When you create a report from a report template, the linked vulnerability template determines what fields appear for each finding.
Field types
When editing a template, you define the fields that every vulnerability in this category will have. Vulnotes supports these field types:
| Type | Description |
|---|---|
| Text | Single-line plain text input |
| Rich Text | Multi-line formatted text with the full editor toolbar |
| Dropdown | Select one value from a predefined list |
| Tags | Multiple free-form tags |
| CVSS | Interactive CVSS v3.1 or v4.0 calculator |
| Custom Score | Define your own interactive scoring criteria and weights |
| Number | Numeric input |
| Checkbox | Boolean toggle |
| Date | Date picker |
For each field, you can set whether it is required, whether it supports multiple languages, and provide a description or placeholder text as guidance for the person filling it in.
Linking to report templates
A vulnerability template is linked to one or more report templates. This connection determines which vulnerability fields appear in the findings tab when editing a report.
When you create or edit a report template in the Template Designer, you select which vulnerability template it should use. All reports created from that report template will then use the fields defined in the linked vulnerability template.