feat: As a user I want the japser report to support english and german

security-c4po-angular/src/shared/modules/export-report-dialog/export-report-dialog.component.html

@@ -30,7 +30,7 @@
           <img src="../../assets/images/flags/{{exportLanguages.ENGLISH}}.svg" class="flag" width="25rem" height="16rem"
                alt="">
         </nb-radio>
-        <nb-radio disabled value="{{exportLanguages.GERMAN}}">
+        <nb-radio value="{{exportLanguages.GERMAN}}">
           <img src="../../assets/images/flags/{{exportLanguages.GERMAN}}.svg" class="flag" width="25rem" height="16rem"
                alt="">
         </nb-radio>

security-c4po-angular/src/shared/modules/export-report-dialog/export-report-dialog.component.ts

@@ -81,6 +81,7 @@ export class ExportReportDialogComponent implements OnInit {
   }
 
   onClickExport(reportFormat: string, reportLanguage: string): void {
+    console.warn('ToDo: Use format ', reportFormat);
     // Get project id from dialog data
     const projectId = this.dialogData.options[0].additionalData.id;
     // Loading is true as long as there is a response from the reporting service
@@ -89,7 +90,7 @@ export class ExportReportDialogComponent implements OnInit {
     switch (reportFormat) {
       case ExportFormatOptions.PDF: {
         // @ts-ignore
-        this.downloadPentestReport$ = this.reportingService.getReportPDFforProjectById(projectId)
+        this.downloadPentestReport$ = this.reportingService.getReportPDFforProjectById(projectId, reportLanguage)
           .pipe(
             shareReplay(),
             untilDestroyed(this)

security-c4po-angular/src/shared/modules/profile-settings/profile-settings.component.html

@@ -119,7 +119,8 @@
     </div>
   </nb-card-body>
   <nb-card-footer fxLayout="row" fxLayoutGap="1.5rem" fxLayoutAlign="end end">
-    <button nbButton size="small"
+    <!--Not needed for now-->
+   <!-- <button nbButton size="small"
             class="dialog-button"
             status="info"
             [disabled]="!allowConfirm()"
@@ -130,6 +131,11 @@
             class="dialog-button"
             (click)="onClickCancel()">
       {{ 'global.action.cancel' | translate }}
+    </button>-->
+    <button nbButton size="small"
+            class="dialog-button"
+            (click)="onClickCancel()">
+      {{ 'global.action.exit' | translate }}
     </button>
   </nb-card-footer>
 </nb-card>

security-c4po-angular/src/shared/modules/profile-settings/profile-settings.component.ts

@@ -205,10 +205,6 @@ export class ProfileSettingsComponent implements OnInit {
   }
 
   onClickCancel(): void {
-    console.log(this.userFormGroup.get('firstName').dirty);
-    console.log(this.userFormGroup.get('firstName')?.hasError('required'));
-    console.log(this.userFirstNameControl.hasError('required'));
-
     this.dialogRef.close();
   }
 

security-c4po-angular/src/shared/services/reporting/reporting.service.ts

@@ -18,8 +18,9 @@ export class ReportingService {
   /**
    * Get PDF Report by project id
    */
-  public getReportPDFforProjectById(projectId: string): Observable<Loading<ArrayBuffer>> {
+  // ToDo: Add language here
-    return this.http.get(`${this.reportBaseURL}/${projectId}/pdf`,
+  public getReportPDFforProjectById(projectId: string, reportLanguage: string): Observable<Loading<ArrayBuffer>> {
+    return this.http.get(`${this.reportBaseURL}/${projectId}/pdf/${reportLanguage}`,
       {
         // @ts-ignore
         responseType: 'arraybuffer',

security-c4po-reporting/src/main/kotlin/com/securityc4po/reporting/report/ReportController.kt

@@ -28,12 +28,13 @@ class ReportController(private val apiService: APIService, private val reportSer
     var logger = getLoggerFor<ReportController>()
 
     @GetMapping(
-        "/{projectId}/pdf",
+        "/{projectId}/pdf/{reportLanguage}",
         produces = [MediaType.APPLICATION_PDF_VALUE]
     )
-    fun downloadPentestReportPDF(@PathVariable(value = "projectId") projectId: String, @AuthenticationPrincipal user: Appuser): Mono<ResponseEntity<ByteArray>> {
+    // ToDo: Add language here
+    fun downloadPentestReportPDF(@PathVariable(value = "projectId") projectId: String, @PathVariable(value = "reportLanguage") reportLanguage: String, @AuthenticationPrincipal user: Appuser): Mono<ResponseEntity<ByteArray>> {
         return this.apiService.requestProjectReportDataById(projectId, user.token).flatMap {projectReport ->
-            this.reportService.createReport(projectReport, "pdf").map { reportClassLoaderFilePath ->
+            this.reportService.createReport(projectReport, "pdf", reportLanguage).map { reportClassLoaderFilePath ->
                 ResponseEntity.ok().body(reportClassLoaderFilePath)
             }.switchIfEmpty {
                 Mono.just(notFound().build<ByteArray>())

security-c4po-reporting/src/main/kotlin/com/securityc4po/reporting/report/ReportService.kt

@@ -3,6 +3,7 @@ package com.securityc4po.reporting.report
 import com.securityc4po.reporting.extensions.getLoggerFor
 import com.securityc4po.reporting.remote.model.*
 import net.sf.jasperreports.engine.*
+import net.sf.jasperreports.engine.JRParameter.REPORT_RESOURCE_BUNDLE
 import net.sf.jasperreports.engine.data.JRBeanCollectionDataSource
 import org.apache.pdfbox.io.MemoryUsageSetting
 import org.apache.pdfbox.multipdf.PDFMergerUtility
@@ -11,6 +12,8 @@ import org.springframework.stereotype.Service
 import reactor.core.publisher.Flux
 import reactor.core.publisher.Mono
 import java.io.*
+import java.util.*
+import kotlin.collections.HashMap
 
 
 @Service
@@ -51,6 +54,10 @@ class ReportService {
     @Value("\${reportDefaultPdf}")
     lateinit var reportDefaultPdfPropertyPath: String
 
+    // Path to localization files
+    @Value("\${localization}")
+    lateinit var localizationRessourceBasePath: String
+
     // Image paths
     @Value("\${CDATA_WATERMARK}")
     lateinit var waterMarkPath: String
@@ -68,13 +75,14 @@ class ReportService {
     @Value("\${CDATA_SeverityRatingTable}")
     lateinit var severityRatingTablePath: String
 
-    fun createReport(projectReportCollection: ProjectReport, reportFormat: String): Mono<ByteArray> {
+    fun createReport(projectReportCollection: ProjectReport, reportFormat: String, reportLanguage: String): Mono<ByteArray> {
+        logger.info("Use: " + reportLanguage)
         // Setup PDFMergerUtility
         val mergedC4POPentestReport: PDFMergerUtility = PDFMergerUtility()
         // Setup ByteArrayOutputStream for "on the fly" file generation
         val pdfDocOutputstream = ByteArrayOutputStream()
         // Try to create report files & merge them together
-        return createPentestReportFiles(projectReportCollection, reportFormat, mergedC4POPentestReport).collectList()
+        return createPentestReportFiles(projectReportCollection, reportFormat, reportLanguage, mergedC4POPentestReport).collectList()
             .map {
                 // Merge report files
                 mergedC4POPentestReport.destinationStream = pdfDocOutputstream
@@ -89,16 +97,20 @@ class ReportService {
     private fun createPentestReportFiles(
         projectReportCollection: ProjectReport,
         reportFormat: String,
+        reportLanguage: String,
         mergedC4POPentestReport: PDFMergerUtility
     ): Flux<Unit> {
+        // Setup ressource bundle for localization
+        val resourceBundle = getRessourceBundle(reportLanguage)
+        // Setup Flux to create report
         return Flux.just(
             // Create byte arrays of report files
-            createCover(projectReportCollection, reportFormat),
+            createCover(projectReportCollection, reportFormat, resourceBundle),
-            createTableOfContent(projectReportCollection, reportFormat),
+            createTableOfContent(projectReportCollection, reportFormat, resourceBundle),
-            createStateOfConfidentiality(projectReportCollection, reportFormat),
+            createStateOfConfidentiality(projectReportCollection, reportFormat, resourceBundle),
-            createExecutiveSummary(projectReportCollection, reportFormat),
+            createExecutiveSummary(projectReportCollection, reportFormat, resourceBundle),
-            createPentestReports(projectReportCollection, reportFormat),
+            createPentestReports(projectReportCollection, reportFormat, resourceBundle),
-            createAppendencies(reportFormat)
+            createAppendencies(reportFormat, resourceBundle)
         ).map { jasperObject ->
             if (jasperObject is ByteArray) {
                 val pdfInputSteam = ByteArrayInputStream(jasperObject)
@@ -114,7 +126,23 @@ class ReportService {
         }
     }
 
-    private fun createCover(projectReportCollection: ProjectReport, reportFormat: String): ByteArray {
+    private fun getRessourceBundle(reportLanguage: String): ResourceBundle {
+        return if (reportLanguage.equals("de-DE")) {
+            // Get the language code from the report parameter or other criteria
+            val languageCode = "de"
+            val locale = Locale(languageCode)
+            ResourceBundle.getBundle(localizationRessourceBasePath, locale)
+        }
+        // Default to english
+        else {
+            // Get the language code from the report parameter or other criteria
+            val languageCode = "en"
+            val locale = Locale(languageCode)
+            ResourceBundle.getBundle(localizationRessourceBasePath, locale)
+        }
+    }
+
+    private fun createCover(projectReportCollection: ProjectReport, reportFormat: String, resourceBundle: ResourceBundle): ByteArray {
         // Load Jasper Files
         val fileCoverStream = javaClass.getResourceAsStream(reportCoverDesignTemplate)
         // Open file stream
@@ -129,6 +157,8 @@ class ReportService {
             val parameters = HashMap<String, Any>()
             parameters["CDATA_WATERMARK"] = waterMarkPath
             parameters["CDATA_C4POCoverBackground"] = coverBackgroundPath
+            // Adds the resource bundle into the report
+            parameters[REPORT_RESOURCE_BUNDLE] = resourceBundle
             // Fill Reports
             val jasperPrintCover: JasperPrint = JasperFillManager.fillReport(jasperReportCover, parameters, dataSource)
             // Create File
@@ -144,7 +174,7 @@ class ReportService {
         }
     }
 
-    private fun createTableOfContent(projectReportCollection: ProjectReport, reportFormat: String): ByteArray {
+    private fun createTableOfContent(projectReportCollection: ProjectReport, reportFormat: String, resourceBundle: ResourceBundle): ByteArray {
         // Load Jasper Files
         val fileContentStream = javaClass.getResourceAsStream(reportContentDesignTemplate)
         // Open file stream
@@ -159,6 +189,8 @@ class ReportService {
             val parameters = HashMap<String, Any>()
             parameters["ProjectPentestReportDataSource"] = projectPentestReportDataSource
             parameters["CDATA_WATERMARK"] = waterMarkPath
+            // Adds the resource bundle into the report
+            parameters[REPORT_RESOURCE_BUNDLE] = resourceBundle
             // Fill Reports
             val jasperPrintContent: JasperPrint =
                 JasperFillManager.fillReport(jasperReportContent, parameters, JREmptyDataSource())
@@ -175,7 +207,7 @@ class ReportService {
         }
     }
 
-    private fun createStateOfConfidentiality(projectReportCollection: ProjectReport, reportFormat: String): ByteArray {
+    private fun createStateOfConfidentiality(projectReportCollection: ProjectReport, reportFormat: String, resourceBundle: ResourceBundle): ByteArray {
         // Load Jasper Files
         val fileStateOfConfidentialityStream = javaClass.getResourceAsStream(reportStateOfConfidentialityDesignTemplate)
         // Open file stream
@@ -189,6 +221,8 @@ class ReportService {
             // Setup Parameter & add Sub-datasets
             val parameters = HashMap<String, Any>()
             parameters["CDATA_WATERMARK"] = waterMarkPath
+            // Adds the resource bundle into the report
+            parameters[REPORT_RESOURCE_BUNDLE] = resourceBundle
             // Fill Reports
             val jasperPrintStateOfConfidentiality: JasperPrint =
                 JasperFillManager.fillReport(jasperReportContent, parameters, dataSource)
@@ -204,7 +238,7 @@ class ReportService {
         }
     }
 
-    private fun createExecutiveSummary(projectReportCollection: ProjectReport, reportFormat: String): ByteArray {
+    private fun createExecutiveSummary(projectReportCollection: ProjectReport, reportFormat: String, resourceBundle: ResourceBundle): ByteArray {
         // Load Jasper Files
         val fileExecutiveSummaryStream = javaClass.getResourceAsStream(reportExecutiveSummaryDesignTemplate)
         // Open file stream
@@ -332,6 +366,8 @@ class ReportService {
             parameters["CategoryFindingsPieChartDataSource"] = categoryFindingsDataSource
             parameters["SeverityFindingsPieChartDataSource"] = severityFindingsDataSource
             parameters["CDATA_WATERMARK"] = waterMarkPath
+            // Adds the resource bundle into the report
+            parameters[REPORT_RESOURCE_BUNDLE] = resourceBundle
             // Fill Reports
             val jasperPrintExecutiveSummary: JasperPrint =
                 JasperFillManager.fillReport(jasperReportContent, parameters, dataSource)
@@ -347,7 +383,7 @@ class ReportService {
         }
     }
 
-    private fun createPentestReports(projectReportCollection: ProjectReport, reportFormat: String): List<ByteArray> {
+    private fun createPentestReports(projectReportCollection: ProjectReport, reportFormat: String, resourceBundle: ResourceBundle): List<ByteArray> {
         // Create List of Files
         var finalFiles: List<ByteArray> = emptyList()
         // Load Jasper Files
@@ -388,6 +424,8 @@ class ReportService {
                         parameters["CDATA_WATERMARK"] = waterMarkPath
                         parameters["CDATA_FindingsSubreport"] = findingsSubreportPath
                         parameters["CDATA_CommentsSubreport"] = commentsSubreportPath
+                        // Adds the resource bundle into the report
+                        parameters[REPORT_RESOURCE_BUNDLE] = resourceBundle
                         // Fill Reports
                         // Print one report for each objective and merge them together afterwards
                         val jasperPrintPentests: JasperPrint =
@@ -427,7 +465,7 @@ class ReportService {
         return finalFiles
     }
 
-    private fun createAppendencies(reportFormat: String): ByteArray {
+    private fun createAppendencies(reportFormat: String, resourceBundle: ResourceBundle): ByteArray {
         // Load Jasper Files
         val fileAppendenciesStream = javaClass.getResourceAsStream(reportAppendenciesDesignTemplate)
         // Open file stream
@@ -440,6 +478,8 @@ class ReportService {
             parameters["SeverityRatingDefinition"] = JREmptyDataSource()
             parameters["CDATA_WATERMARK"] = waterMarkPath
             parameters["CDATA_SeverityRatingTable"] = severityRatingTablePath
+            // Adds the resource bundle into the report
+            parameters[REPORT_RESOURCE_BUNDLE] = resourceBundle
             // Fill Reports
             val jasperPrintAppendencies: JasperPrint =
                 JasperFillManager.fillReport(jasperReportCover, parameters, JREmptyDataSource())

security-c4po-reporting/src/main/resources/application-COMPOSE.properties

@@ -13,6 +13,8 @@ api.client.pentests.path=pentests
 # Ressource variables for jrxml files #
 CDATA_WATERMARK=BOOT-INF/classes/jasper/Watermark.png
 CDATA_C4POCoverBackground=BOOT-INF/classes/jasper/C4POCoverBackground#1.jpeg
+# Localization files #
+localization=jasper/localization/labels
 # Subreports #
 CDATA_FindingsSubreport=BOOT-INF/classes/jasper/subReports/FindingsSubreport.jasper
 CDATA_CommentsSubreport=BOOT-INF/classes/jasper/subReports/CommentsSubreport.jasper

security-c4po-reporting/src/main/resources/application.properties

@@ -39,7 +39,9 @@ reportPentestsCommentsOnlyDesignTemplate=/jasper/reports/c4po_pentests_comments_
 reportAppendenciesDesignTemplate=/jasper/reports/c4po_appendencies.jrxml
 # Path to default pdf file #
 reportDefaultPdf=/jasper/DEFAULT.pdf
-# Ressource variables for jrxml files #
+# Localization files #
+localization=jasper/localization/labels
+# Resource variables for jrxml files #
 CDATA_WATERMARK=./src/main/resources/jasper/Watermark.png
 CDATA_C4POCoverBackground=./src/main/resources/jasper/C4POCoverBackground#1.jpeg
 # Subreports #

security-c4po-reporting/src/main/resources/jasper/localization/labels_de.properties

@@ -0,0 +1,72 @@
+## de-DE translation for labels $R{translationKey}
+# Cover
+title.cover_one=Penetrationstest
+title.cover_two=Ergebnisbericht
+hint=Kein Teil dieses Dokuments darf ohne die ausdrückliche schriftliche Genehmigung des Testers an externe Quellen weitergegeben werden
+
+# Table of contents
+title.content=Inhaltsverzeichnis
+
+# State of confidentiality
+title.confidentiality=Zustand der Vertraulichkeit
+text.confidentiality=Der Inhalt dieses Dokuments wird als geschützte und vertrauliche Geschäftsinformation betrachtet. Diese Informationen dürfen nur im Rahmen der bestimmungsgemäßen Verwendung verwendet werden. Dieses Dokument darf ohne vorherige schriftliche Zustimmung nicht an andere Lieferanten, Geschäftspartner oder Auftragnehmer weitergegeben werden. Darüber hinaus darf kein Teil dieses Dokuments ohne vorherige Zustimmung weitergegeben, vervielfältigt, kopiert oder verteilt werden. Der Inhalt dieses Dokuments stellt keine Rechtsberatung dar. Das Angebot von Dienstleistungen, die sich auf Compliance, Rechtsstreitigkeiten oder andere rechtliche Interessen beziehen, ist nicht als Rechtsberatung gedacht und sollte nicht als solche verstanden werden. Die hierin beschriebene Bewertung richtet sich zu Prüfungszwecken gegen das Unternehmen, und die in diesem Dokument enthaltenen Schwachstellen sollten gemindert werden, um die externe und / oder interne Infrastruktur zu schützen.
+
+# Executive Summary
+title.summary=Zusammenfassung
+text.summary=Das Unternehmen beauftragte den Tester mit der Durchführung eines Penetrationstests, um Sicherheitslücken zu identifizieren, die Auswirkungen zu bestimmen, alle Ergebnisse klar und wiederholbar zu dokumentieren und Abhilfeempfehlungen zu geben.
+title.assessment_overview_and_recommendations=Bewertungsübersicht und Empfehlungen
+title.number_of_findings_per_category=Anzahl der Funde pro Kategorie
+title.severity_overview_of_findings=Schweregradübersicht der Funde
+
+# Pentestreport
+title.reports=Technische Details für Funde und Kommentare
+title.finding=Fund:
+title.comment=Kommentar:
+# Headlines
+title=Titel:
+description=Beschreibung:
+impact=Auswirkung:
+reproduction_steps=Reproduktion:
+mitigation=Minderung:
+no_mitigation=Keine Schadensminderung zur Vermeidung, Minimierung oder Kompensation des festgestellten oder erforderlichen Befunds.
+affected_urls=Betroffene URL's:
+no_affected_urls=Keine spezifischen URLs betroffen.
+
+# Appendencies
+title.appendencies=Anhänge
+title.findings_severities=Schweregrade der Funde
+text.findings_severities=Jedem Befund wurde eine Schweregradbewertung von kritisch hoch, mittel oder niedrig zugewiesen. Die Bewertung basiert auf einer Bewertung der Priorität, mit der jeder Befund betrachtet werden sollte, und der potenziellen Auswirkungen, die jeder auf die Vertraulichkeit, Integrität und Verfügbarkeit hat.
+title.risk_matrix=Risiko Matrix
+text.risk_matrix=Die Risikomatrix wird verwendet, um den potenziellen Schaden einer Gefahr basierend auf den Faktoren Wahrscheinlichkeit und Schweregrad zu bewerten. Die Wahrscheinlichkeits- und Schweregradbewertungen werden multipliziert, um einen Bewertungswert zu erhalten. Diese Punktzahl wird in den Risikobereichen nachgeschlagen, um das Risikoniveau zu bestimmen. Ein Beispiel für eine Gefahren-Risiko-Matrix ist unten angegeben:
+example.risk_matrix=Beispiel: Wenn Wahrscheinlichkeit = Möglich (3) und Schweregrad = Erheblich (4), wird die Risikostufe durch Schweregrad * Wahrscheinlichkeit bestimmt, was 3*4 = 12 ist. Die Punktzahl 12 fällt in den Risikobereich 'Hoch'.
+# Risk Matrix Table Properties
+risk_score=Risiko-Score
+to=bis
+risk_level_cat=Risikostufen
+#
+severity=Schwere
+insignificant=Unbedeutend
+minor=Unerheblich
+moderate=Mäßig
+major=Wesentlich
+catastrophic=Katastrophal
+#
+likelihood=Wahrscheinlichkeit
+rare=Selten
+unlikely=Unwahrscheinlich
+possible=Möglich
+likely=Wahrscheinlich
+almost_certain=Fast sicher
+# Severity Definitions Table Properties
+title.severity_definitions=Definitionen der Schweregradbewertung
+text.severity_definitions.critical=Die Ausnutzung der technischen oder prozeduralen Schwachstelle wird erheblichen Schaden anrichten. Erheblicher politischer, finanzieller und/oder rechtlicher Schaden ist wahrscheinlich die Folge. Die Gefährdung ist kritisch, und es gibt einen öffentlich verfügbaren Mechanismus, um die Schwachstelle auszunutzen. Sicherheitskontrollen werden nicht effektiv implementiert, um die Schwere der Auswirkungen zu verringern, wenn die Schwachstelle ausgenutzt wird.
+text.severity_definitions.high=Die Ausnutzung der technischen oder prozeduralen Schwachstelle wird erheblichen Schaden anrichten. Erheblicher politischer, finanzieller und/oder rechtlicher Schaden ist wahrscheinlich die Folge. Die Bedrohungslage ist hoch, wodurch die Eintrittswahrscheinlichkeit steigt. Sicherheitskontrollen werden nicht effektiv implementiert, um die Schwere der Auswirkungen zu verringern, wenn die Schwachstelle ausgenutzt wird.
+text.severity_definitions.medium=Die Ausnutzung der technischen oder verfahrenstechnischen Schwachstelle wirkt sich erheblich auf die Vertraulichkeit, Integrität und/oder Verfügbarkeit des Systems, der Anwendung oder der Daten aus. Die Ausnutzung der Schwachstelle kann zu moderaten finanziellen Verlusten oder öffentlicher Blamage führen. Die Gefährdung ist moderat bis hoch, wodurch die Eintrittswahrscheinlichkeit steigt. Es sind Sicherheitskontrollen vorhanden, um die Schwere der Auswirkungen zu begrenzen, wenn die Schwachstelle ausgenutzt wird, sodass kein weiterer politischer, finanzieller oder rechtlicher Schaden entsteht. - ODER - Die Schwachstelle ist derart, dass sie andernfalls als hohes Risiko eingestuft würde, aber die Gefährdung ist so begrenzt, dass die Wahrscheinlichkeit des Auftretens minimal ist.
+text.severity_definitions.low=Die Ausnutzung der technischen oder verfahrenstechnischen Schwachstelle hat nur minimale Auswirkungen auf den Betrieb. Die Vertraulichkeit, Integrität und Verfügbarkeit (CIA) sensibler Informationen sind nicht gefährdet. Die Ausnutzung der Schwachstelle kann zu leichten finanziellen Verlusten oder öffentlicher Blamage führen. Die Bedrohungslage ist moderat bis gering. Es sind Sicherheitskontrollen vorhanden, um die Schwere der Auswirkungen zu begrenzen, wenn die Schwachstelle ausgenutzt wird, sodass kein weiterer politischer, finanzieller oder rechtlicher Schaden entsteht. - ODER - Die Schwachstelle ist derart, dass sie andernfalls als mittleres Risiko angesehen würde, aber die Bedrohung ist so begrenzt, dass die Wahrscheinlichkeit des Auftretens minimal ist.
+rating=Schwere
+
+# Severities
+low=Low
+medium=Medium
+high=High
+critical=Critical

security-c4po-reporting/src/main/resources/jasper/localization/labels_en.properties

@@ -0,0 +1,74 @@
+## en-US translation for labels $R{translationKey}
+# Cover
+title.cover_one=Penetration Test
+title.cover_two=Report of Findings
+hint=No part of this document may be disclosed to outside sources without the explicit written authorization of the tester
+
+# Table of contents
+title.content=Table of Contents
+
+# State of confidentiality
+title.confidentiality=State of Confidentiality
+text.confidentiality=The contents of this document are considered to be proprietary and business confidential information. This information is to be used only in the performance of its intended use. This document may not be released to another vendor, business partner or contractor without prior written consent. Additionally, no portion of this document may be communicated, reproduced, copied or distributed without the prior consent. The contents of this document do not constitute legal advice. The offer of services that relate to compliance, litigation or other legal interests are not intended as legal counsel and should not be taken as such. The assessment detailed herein is against the company for examination purposes, and the vulnerabilities included in this document should be mitigated in order to secure external and / or internal infrastructure.
+
+# Executive Summary
+title.summary=Executive Summary
+text.summary=The company contracted the tester to perform a Penetration Test to identify security weaknesses, determine the impact, document all findings in a clear and repeatable manner, and provide remediation recommendations.
+title.assessment_overview_and_recommendations=Assessment Overview and Recommendations
+title.number_of_findings_per_category=Number of Findings per Category
+title.severity_overview_of_findings=Severity Overview of Findings
+
+# Pentestreport
+title.reports=Technical Findings and Comments Details
+title.finding=Finding:
+title.comment=Comment:
+# Headlines
+title=Title:
+description=Description:
+impact=Impact:
+reproduction_steps=Reproduction Steps:
+mitigation=Mitigation:
+no_mitigation=No mitigation to avoid, minimize or compensate the finding found or needed.
+affected_urls=Affected URL's:
+no_affected_urls=No specific URL's affected.
+
+# Appendencies
+title.appendencies=Appendencies
+title.findings_severities=Findings Severities
+text.findings_severities=Each finding has been assigned a severity rating of critical high, medium, or low. The rating is based off of an assessment of the priority with which each finding should be viewed and the potential impact each has on the confidentiality, integrity, and availability.
+title.risk_matrix=Risk Matrix
+text.risk_matrix=The risk matrix is used to assess the potential damage of a hazard, based on the likelihood and severity factors. The likelihood and severity scores are multiplied to obtain a score value. This score is looked up in the risk ranges to determine the risk level. An example of a hazard risk matrix is given below:
+example.risk_matrix=Example, if Likelihood = Possible (3) and Severity = Major (4), the risk level is determined by severity * likelihood, which is 3*4 = 12. The score 12 falls in 'High' risk range.
+# Risk Matrix Table Properties
+risk_score=Risk score
+to=to
+risk_level_cat=Risk level category
+#
+severity=Severity
+insignificant=Insignificant
+minor=Minor
+moderate=Moderate
+major=Major
+catastrophic=Catastrophic
+#
+likelihood=Likelihood
+rare=Rare
+unlikely=Unlikely
+possible=Possible
+likely=Likely
+almost_certain=Almost certain
+# Severity Definitions Table Properties
+title.severity_definitions=Severity Rating Definitions
+text.severity_definitions.critical=Exploitation of the technical or procedural vulnerability will cause substantial harm. Significant political, financial, and/or legal damage is likely to result. The threat exposure is critical, and a publicly available mechanism exists to exploit the vulnerability. Security controls are not effectively implemented to reduce the severity of impact if the vulnerability were exploited.
+text.severity_definitions.high=Exploitation of the technical or procedural vulnerability will cause substantial harm. Significant political, financial, and/or legal damage is likely to result. The threat exposure is high, thereby increasing the likelihood of occurrence. Security controls are not effectively implemented to reduce the severity of impact if the vulnerability were exploited.
+text.severity_definitions.medium=Exploitation of the technical or procedural vulnerability will significantly impact the confidentiality, integrity, and/or availability of the system, application, or data. Exploitation of the vulnerability may cause moderate financial loss or public embarrassment. The threat exposure is moderate-to-high, thereby increasing the likelihood of occurrence. Security controls are in place to contain the severity of impact if the vulnerability were exploited, such that further political, financial, or legal damage will not occur. - OR - The vulnerability is such that it would otherwise be considered High Risk, but the threat exposure is so limited that the likelihood of occurrence is minimal.
+text.severity_definitions.low=Exploitation of the technical or procedural vulnerability will cause minimal impact to operations. The Confidentiality, Integrity and Availability (CIA) of sensitive information are not at risk of compromise. Exploitation of the vulnerability may cause slight financial loss or public embarrassment. The threat exposure is moderate-to-low. Security controls are in place to contain the severity of impact if the vulnerability were exploited, such that further political, financial, or legal damage will not occur. - OR - The vulnerability is such that it would otherwise be considered Medium Risk, but the threat exposure is so limited that the likelihood of occurrence is minimal.
+rating=Rating
+
+
+
+# Severities
+low=Niedrig
+medium=Mittel
+high=Hoch
+critical=Kritisch

security-c4po-reporting/src/main/resources/jasper/reports/c4po_appendencies.jrxml

@@ -30,43 +30,25 @@
                 <reportElement x="539" y="3" width="23" height="24" uuid="74214b7e-f089-49f2-9ef9-ef134386750c"/>
                 <imageExpression><![CDATA[$P{CDATA_WATERMARK}]]></imageExpression>
             </image>
-            <staticText>
+            <textField>
-                <reportElement x="0" y="0" width="432" height="30" forecolor="#FFFFFF" uuid="cb237865-2647-4ee2-a85c-ebc5c8f84f9e"/>
+                <reportElement x="0" y="0" width="379" height="30" forecolor="#FFFFFF" uuid="be664645-4ffa-4b27-b58d-59adf00c2f31"/>
                 <textElement verticalAlignment="Middle">
                     <font size="16" isBold="true"/>
                 </textElement>
-                <text><![CDATA[Appendencies]]></text>
+                <textFieldExpression><![CDATA[$R{title.appendencies}]]></textFieldExpression>
-            </staticText>
+            </textField>
         </band>
     </title>
     <detail>
         <band height="540" splitType="Stretch">
-            <staticText>
-                <reportElement x="0" y="0" width="280" height="20" forecolor="#232B44" uuid="32713af0-e0bd-432b-b369-db31f8617e26"/>
-                <textElement>
-                    <font size="12" isBold="true"/>
-                </textElement>
-                <text><![CDATA[Findings Severities]]></text>
-            </staticText>
-            <staticText>
-                <reportElement x="0" y="20" width="553" height="50" uuid="e43d5ec6-84d5-4d8e-9aca-94c3c48697e8"/>
-                <textElement>
-                    <font size="12"/>
-                </textElement>
-                <text><![CDATA[Each finding has been assigned a severity rating of critical high, medium, or low. The rating is based off of an assessment of the priority with which each finding should be viewed and the potential impact each has on the confidentiality, integrity, and availability.]]></text>
-            </staticText>
             <subreport>
-                <reportElement positionType="Float" x="-3" y="510" width="553" height="30" uuid="ca9b0ff4-30c6-43d0-8da2-458d1960ef0b"/>
+                <reportElement positionType="Float" x="0" y="510" width="553" height="30" uuid="ca9b0ff4-30c6-43d0-8da2-458d1960ef0b"/>
+                <subreportParameter name="REPORT_RESOURCE_BUNDLE">
+                    <subreportParameterExpression><![CDATA[$P{REPORT_RESOURCE_BUNDLE}]]></subreportParameterExpression>
+                </subreportParameter>
                 <dataSourceExpression><![CDATA[new net.sf.jasperreports.engine.JREmptyDataSource()]]></dataSourceExpression>
                 <subreportExpression><![CDATA[$P{CDATA_SeverityRatingTable}]]></subreportExpression>
             </subreport>
-            <staticText>
-                <reportElement x="0" y="83" width="280" height="20" forecolor="#232B44" uuid="147e164e-f290-4751-82ca-e4b55508408f"/>
-                <textElement>
-                    <font size="12" isBold="true"/>
-                </textElement>
-                <text><![CDATA[Risk Matrix]]></text>
-            </staticText>
             <rectangle>
                 <reportElement x="0" y="162" width="70" height="27" backcolor="#232B44" uuid="71a50420-4cd9-4b6a-b84d-80d3f860562b"/>
             </rectangle>
@@ -87,7 +69,7 @@
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Risk score"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{risk_score}]]></textFieldExpression>
             </textField>
             <rectangle>
                 <reportElement x="0" y="270" width="70" height="27" backcolor="#232B44" uuid="318d3354-5dd7-4585-b609-4e56c2db0cfc"/>
@@ -97,7 +79,7 @@
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Risk level category"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{risk_level_cat}]]></textFieldExpression>
             </textField>
             <rectangle>
                 <reportElement x="0" y="297" width="70" height="135" backcolor="#232B44" uuid="87004217-c837-4b5a-98a5-8007ba939214"/>
@@ -147,7 +129,7 @@
                 <textElement textAlignment="Center" verticalAlignment="Middle" rotation="Left">
                     <font size="14" isBold="true" isItalic="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Severity"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{severity}]]></textFieldExpression>
             </textField>
             <rectangle>
                 <reportElement x="190" y="162" width="345" height="81" backcolor="#232B44" uuid="fcfd3c38-9b82-4492-b52e-037be743c7b5"/>
@@ -157,7 +139,7 @@
                 <textElement textAlignment="Center" verticalAlignment="Middle" rotation="None">
                     <font size="14" isBold="true" isItalic="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Likelihood"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{likelihood}]]></textFieldExpression>
             </textField>
             <rectangle>
                 <reportElement x="190" y="243" width="69" height="55" backcolor="#232B44" uuid="d6f79cc1-0658-442e-8e95-f0af4e56043a"/>
@@ -439,118 +421,138 @@
                 </textElement>
                 <textFieldExpression><![CDATA["Medium"]]></textFieldExpression>
             </textField>
-            <staticText>
-                <reportElement x="1" y="450" width="553" height="50" uuid="a2abe321-3344-4e53-9e2b-67a415b68e38"/>
-                <textElement>
-                    <font size="12"/>
-                </textElement>
-                <text><![CDATA[Example, if Likelihood = Possible (3) and Severity = Major (4), the risk level is determined by severity * likelihood, which is 3*4 = 12. The score 12 falls in 'High' risk range.]]></text>
-            </staticText>
-            <staticText>
-                <reportElement x="0" y="103" width="552" height="66" uuid="c91f1515-1d18-4c4f-91b8-6c4b957f46db"/>
-                <textElement>
-                    <font size="12"/>
-                </textElement>
-                <text><![CDATA[The risk matrix is used to assess the potential damage of a hazard, based on the likelihood and severity factors. The likelihood and severity scores are multiplied to obtain a score value. This score is looked up in the risk ranges to determine the risk level. An example of a hazard risk matrix is given below:
-]]></text>
-            </staticText>
             <textField>
                 <reportElement x="191" y="243" width="67" height="53" forecolor="#FFFFFF" uuid="0fd887e8-76e4-4098-9a1b-3db131529904"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Rare (1)"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{rare} + " (1)"]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="329" y="243" width="67" height="53" forecolor="#FFFFFF" uuid="2508e027-31fb-446d-b0b9-b8e580720852"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Possible (3)"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{possible} + " (3)"]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="398" y="243" width="67" height="53" forecolor="#FFFFFF" uuid="ce5f3ba9-6844-4a80-9a42-bf83f214167c"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Likely (4)"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{likely} + " (4)"]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="467" y="243" width="67" height="53" forecolor="#FFFFFF" uuid="a56ddfd6-2208-45ca-9520-4382473db1fe"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Almost certain (5)"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{almost_certain} + " (5)"]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="70" y="298" width="119" height="26" forecolor="#FFFFFF" uuid="697fe7ea-d9b0-4987-b6bd-81bb86ae494b"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Catastrophic (5)"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{catastrophic} + " (5)"]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="70" y="325" width="118" height="26" forecolor="#FFFFFF" uuid="d045b5f3-c8a3-4ccd-90e9-84665d513598"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Major (4)"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{major} + " (4)"]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="70" y="353" width="118" height="26" forecolor="#FFFFFF" uuid="548ef559-8535-492d-a377-bfcea621c7e8"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Moderate (3)"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{moderate} + " (3)"]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="70" y="380" width="118" height="26" forecolor="#FFFFFF" uuid="e63fdc52-3815-4bbe-982d-bc3407020a0d"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Minor (2)"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{minor} + " (2)"]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="70" y="406" width="118" height="26" forecolor="#FFFFFF" uuid="d6b54c01-00d8-46b7-b60f-76d14573a43c"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Insignificant (1)"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{insignificant} + " (1)"]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="0" y="189" width="70" height="26" forecolor="#FFFFFF" uuid="bca9c1cb-f112-41e2-8744-2567e75f1207"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12"/>
                 </textElement>
-                <textFieldExpression><![CDATA[1 + " to " + 4]]></textFieldExpression>
+                <textFieldExpression><![CDATA[1 + " " + $R{to} + " " + 4]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="0" y="216" width="70" height="26" forecolor="#FFFFFF" uuid="d2414371-7103-4bd1-92a1-2ebc2b5810c8"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12"/>
                 </textElement>
-                <textFieldExpression><![CDATA[5 + " to " + 10]]></textFieldExpression>
+                <textFieldExpression><![CDATA[5 + " " + $R{to} + " " + 10]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="0" y="244" width="70" height="26" forecolor="#FFFFFF" uuid="ff567b36-de30-4526-8e54-4a3d15ccc8db"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12"/>
                 </textElement>
-                <textFieldExpression><![CDATA[11 + " to " + 18]]></textFieldExpression>
+                <textFieldExpression><![CDATA[11 + " " + $R{to} + " " + 18]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="0" y="270" width="70" height="26" forecolor="#FFFFFF" uuid="88308555-1cca-43b2-9e43-24ea40df5b8e"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12"/>
                 </textElement>
-                <textFieldExpression><![CDATA[19 + " to " + 25]]></textFieldExpression>
+                <textFieldExpression><![CDATA[19 + " " + $R{to} + " " + 25]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="265" y="243" width="57" height="53" forecolor="#FFFFFF" uuid="8081c1bf-ddd0-4207-a9df-3337e0c84936"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Unlikely (2)"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{unlikely} + " (2)"]]></textFieldExpression>
+            </textField>
+            <textField>
+                <reportElement x="0" y="0" width="479" height="20" forecolor="#232B44" uuid="71e811b3-4732-474d-b281-86dcea50d00a"/>
+                <textElement textAlignment="Left" verticalAlignment="Top" markup="none">
+                    <font size="12" isBold="true"/>
+                </textElement>
+                <textFieldExpression><![CDATA[$R{title.findings_severities}]]></textFieldExpression>
+            </textField>
+            <textField>
+                <reportElement x="0" y="83" width="479" height="20" forecolor="#232B44" uuid="1f0f483e-f47f-44a6-a9a2-62bb1ac65c5d"/>
+                <textElement textAlignment="Left" verticalAlignment="Top" markup="none">
+                    <font size="12" isBold="true"/>
+                </textElement>
+                <textFieldExpression><![CDATA[$R{title.risk_matrix}]]></textFieldExpression>
+            </textField>
+            <textField>
+                <reportElement x="0" y="20" width="550" height="50" uuid="67db61b2-4576-4b74-9a44-d43c87041856"/>
+                <textElement>
+                    <font size="12"/>
+                </textElement>
+                <textFieldExpression><![CDATA[$R{text.findings_severities}]]></textFieldExpression>
+            </textField>
+            <textField>
+                <reportElement x="0" y="103" width="550" height="58" uuid="e15c8a70-988c-4a56-a057-337376fcde61"/>
+                <textElement>
+                    <font size="12"/>
+                </textElement>
+                <textFieldExpression><![CDATA[$R{text.risk_matrix}]]></textFieldExpression>
+            </textField>
+            <textField>
+                <reportElement x="0" y="440" width="550" height="58" uuid="02ad683d-233d-49c4-b9c5-d94c1499e962"/>
+                <textElement>
+                    <font size="12"/>
+                </textElement>
+                <textFieldExpression><![CDATA[$R{example.risk_matrix}]]></textFieldExpression>
             </textField>
         </band>
     </detail>

security-c4po-reporting/src/main/resources/jasper/reports/c4po_content.jrxml

@@ -59,13 +59,6 @@
                     <pen lineWidth="0.0"/>
                 </graphicElement>
             </rectangle>
-            <staticText>
-                <reportElement x="0" y="0" width="432" height="30" forecolor="#FFFFFF" uuid="59ee1bdf-8502-4520-8bd1-4f6e4d88df61"/>
-                <textElement verticalAlignment="Middle">
-                    <font size="16" isBold="true"/>
-                </textElement>
-                <text><![CDATA[Table of Contents]]></text>
-            </staticText>
             <ellipse>
                 <reportElement x="537" y="0" width="30" height="30" backcolor="#232B44" uuid="afe21e22-58aa-4b83-ae86-c7ecd482d732"/>
                 <graphicElement>
@@ -76,6 +69,13 @@
                 <reportElement x="539" y="3" width="23" height="24" uuid="2ca905b3-37c8-40ae-a9ea-3beb016b504c"/>
                 <imageExpression><![CDATA[$P{CDATA_WATERMARK}]]></imageExpression>
             </image>
+            <textField>
+                <reportElement x="0" y="0" width="379" height="30" forecolor="#FFFFFF" uuid="b04484b0-30a0-42d4-af5e-920f58fee9e5"/>
+                <textElement verticalAlignment="Middle">
+                    <font size="16" isBold="true"/>
+                </textElement>
+                <textFieldExpression><![CDATA[$R{title.content}]]></textFieldExpression>
+            </textField>
         </band>
     </title>
     <detail>
@@ -95,101 +95,98 @@
                     <jr:column width="400" uuid="e1ddda3b-a51b-4ebc-ab41-72ba37cb90fc">
                         <property name="com.jaspersoft.studio.components.table.model.column.name" value="Column1"/>
                         <jr:tableHeader style="Table_TH" height="30" rowSpan="1">
-                            <staticText>
+                            <textField>
-                                <reportElement x="0" y="0" width="400" height="30" uuid="dade4652-f819-4d79-8d3d-4b2b2d569f9f"/>
+                                <reportElement x="0" y="0" width="400" height="30" uuid="61fc1eab-0534-4abc-a3d8-4fe3a65f082e"/>
                                 <textElement verticalAlignment="Middle">
-                                    <font fontName="SansSerif" size="12" isBold="true"/>
+                                    <font size="12" isBold="true"/>
                                 </textElement>
-                                <text><![CDATA[State of Confidentiality]]></text>
+                                <textFieldExpression><![CDATA[$R{title.confidentiality}]]></textFieldExpression>
-                            </staticText>
+                            </textField>
                         </jr:tableHeader>
                         <jr:tableFooter style="Table_TH" height="100" rowSpan="1">
-                            <staticText>
+                            <textField>
-                                <reportElement x="0" y="0" width="400" height="25" uuid="75eee7d9-35ab-43f9-9a65-041cbeec379e"/>
+                                <reportElement x="0" y="0" width="400" height="25" uuid="8286e514-717b-453c-a3fd-407085cfc06b"/>
                                 <textElement verticalAlignment="Middle">
-                                    <font fontName="SansSerif" size="12" isBold="true"/>
+                                    <font size="12" isBold="true"/>
                                 </textElement>
-                                <text><![CDATA[Appendencies]]></text>
+                                <textFieldExpression><![CDATA[$R{title.appendencies}]]></textFieldExpression>
-                            </staticText>
+                            </textField>
-                            <staticText>
+                            <textField>
-                                <reportElement x="0" y="25" width="400" height="25" forecolor="#232B44" uuid="9c81fdd0-7620-4ac9-8554-a686bd61e868">
+                                <reportElement x="0" y="25" width="400" height="25" forecolor="#232B44" uuid="ff1277d5-4d92-45d4-8bb0-33e276535ccb">
                                     <property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
                                 </reportElement>
                                 <textElement verticalAlignment="Middle">
-                                    <font fontName="SansSerif" size="12" isBold="true"/>
+                                    <font size="12" isBold="true"/>
                                     <paragraph leftIndent="10"/>
                                 </textElement>
-                                <text><![CDATA[Findings Severities]]></text>
+                                <textFieldExpression><![CDATA[$R{title.findings_severities}]]></textFieldExpression>
-                            </staticText>
+                            </textField>
-                            <staticText>
+                            <textField>
-                                <reportElement x="0" y="50" width="400" height="25" forecolor="#232B44" uuid="c2e58188-b6bf-4184-afc4-f4fc122e4ac1">
+                                <reportElement x="0" y="50" width="400" height="25" forecolor="#232B44" uuid="f7916dac-ce4d-4465-a966-725da9aec246">
                                     <property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
                                 </reportElement>
                                 <textElement verticalAlignment="Middle">
-                                    <font fontName="SansSerif" size="12" isBold="true"/>
+                                    <font size="12" isBold="true"/>
                                     <paragraph leftIndent="10"/>
                                 </textElement>
-                                <text><![CDATA[Risk Matrix]]></text>
+                                <textFieldExpression><![CDATA[$R{title.risk_matrix}]]></textFieldExpression>
-                            </staticText>
+                            </textField>
-                            <staticText>
+                            <textField>
-                                <reportElement x="0" y="75" width="400" height="25" forecolor="#232B44" uuid="76a14be3-8f39-4052-a22f-2f3dac68e0ae">
+                                <reportElement x="0" y="75" width="400" height="25" forecolor="#232B44" uuid="3ecdc1c6-144c-4216-8073-0cd10c433b05">
                                     <property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
                                 </reportElement>
                                 <textElement verticalAlignment="Middle">
-                                    <font fontName="SansSerif" size="12" isBold="true"/>
+                                    <font size="12" isBold="true"/>
                                     <paragraph leftIndent="10"/>
                                 </textElement>
-                                <text><![CDATA[Severity Rating Definitions]]></text>
+                                <textFieldExpression><![CDATA[$R{title.severity_definitions}]]></textFieldExpression>
-                            </staticText>
+                            </textField>
                         </jr:tableFooter>
                         <jr:columnHeader style="Table_CH" height="170" rowSpan="1">
-                            <staticText>
+                            <textField>
-                                <reportElement x="0" y="0" width="400" height="34" uuid="9d638d8b-7d1c-4fe2-b494-d8ee3c337a9f"/>
+                                <reportElement x="0" y="0" width="400" height="34" uuid="0dcf4738-ac1b-4a51-939c-8b8048166783"/>
                                 <textElement verticalAlignment="Middle">
-                                    <font fontName="SansSerif" size="12" isBold="true"/>
+                                    <font size="12" isBold="true"/>
                                 </textElement>
-                                <text><![CDATA[Executive Summary]]></text>
+                                <textFieldExpression><![CDATA[$R{title.summary}]]></textFieldExpression>
-                            </staticText>
+                            </textField>
-                            <staticText>
+                            <textField>
-                                <reportElement x="0" y="34" width="400" height="34" forecolor="#232B44" uuid="3089a5ee-9038-4d3d-b7c7-ff7be4a1a91e">
+                                <reportElement x="0" y="34" width="400" height="34" forecolor="#232B44" uuid="5445fcf0-817f-4008-bc39-fa61b6171fe7">
                                     <property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
                                 </reportElement>
                                 <textElement verticalAlignment="Middle">
-                                    <font fontName="SansSerif" size="12" isBold="true"/>
+                                    <font size="12" isBold="true"/>
                                     <paragraph leftIndent="10"/>
                                 </textElement>
-                                <text><![CDATA[Assessment Overview and Recommendations]]></text>
+                                <textFieldExpression><![CDATA[$R{title.assessment_overview_and_recommendations}]]></textFieldExpression>
-                            </staticText>
+                            </textField>
-                            <staticText>
+                            <textField>
-                                <reportElement x="0" y="68" width="400" height="34" forecolor="#232B44" uuid="03912891-062e-41e2-88fb-1cd2dd0eb37c">
+                                <reportElement x="0" y="68" width="400" height="34" forecolor="#232B44" uuid="bdb51757-ecb6-41cc-9ee9-58072b3e5307">
                                     <property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
                                 </reportElement>
                                 <textElement verticalAlignment="Middle">
-                                    <font fontName="SansSerif" size="12" isBold="true"/>
+                                    <font size="12" isBold="true"/>
                                     <paragraph leftIndent="10"/>
                                 </textElement>
-                                <text><![CDATA[Number of Findings per Category]]></text>
+                                <textFieldExpression><![CDATA[$R{title.number_of_findings_per_category}]]></textFieldExpression>
-                            </staticText>
+                            </textField>
-                            <staticText>
+                            <textField>
-                                <reportElement x="0" y="102" width="400" height="34" forecolor="#232B44" uuid="cf22afbf-5690-4d33-86be-f671daa668ac">
+                                <reportElement x="0" y="102" width="400" height="34" forecolor="#232B44" uuid="68058a42-5ac0-4a11-b9a3-9159d2fae966">
                                     <property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
                                 </reportElement>
                                 <textElement verticalAlignment="Middle">
-                                    <font fontName="SansSerif" size="12" isBold="true"/>
+                                    <font size="12" isBold="true"/>
                                     <paragraph leftIndent="10"/>
                                 </textElement>
-                                <text><![CDATA[Severity Overview of Findings]]></text>
+                                <textFieldExpression><![CDATA[$R{title.severity_overview_of_findings}]]></textFieldExpression>
-                            </staticText>
+                            </textField>
-                            <staticText>
+                            <textField>
-                                <reportElement x="0" y="136" width="400" height="34" uuid="642bc39c-e2fd-47bb-ae15-8a30fb59ad72">
+                                <reportElement x="0" y="136" width="400" height="34" uuid="6bc57000-98b4-4c44-90a7-23be43cc5bf0"/>
-                                    <property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
-                                </reportElement>
                                 <textElement verticalAlignment="Middle">
-                                    <font fontName="SansSerif" size="12" isBold="true"/>
+                                    <font size="12" isBold="true"/>
-                                    <paragraph leftIndent="0"/>
                                 </textElement>
-                                <text><![CDATA[Technical Findings and Comments Details]]></text>
+                                <textFieldExpression><![CDATA[$R{title.reports}]]></textFieldExpression>
-                            </staticText>
+                            </textField>
                         </jr:columnHeader>
                         <jr:detailCell style="Table_TD" height="30">
                             <textField>
@@ -224,7 +221,7 @@
         </band>
     </detail>
     <columnFooter>
-        <band height="49" splitType="Stretch"/>
+        <band height="50" splitType="Stretch"/>
     </columnFooter>
     <pageFooter>
         <band height="54" splitType="Stretch"/>

security-c4po-reporting/src/main/resources/jasper/reports/c4po_cover.jrxml

@@ -122,14 +122,14 @@
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="26" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Penetration Test"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{title.cover_one}]]></textFieldExpression>
             </textField>
             <textField>
                 <reportElement x="107" y="61" width="340" height="40" forecolor="#232B44" uuid="edce29e2-8963-43bd-8361-69e579e4a1e1"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
                     <font size="26" isBold="true"/>
                 </textElement>
-                <textFieldExpression><![CDATA["Report of Findings"]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{title.cover_two}]]></textFieldExpression>
             </textField>
         </band>
     </columnHeader>
@@ -176,13 +176,13 @@
             <rectangle>
                 <reportElement x="-20" y="-10" width="595" height="20" forecolor="#151B2E" backcolor="#151B2E" uuid="724a02c5-82c8-4a72-bf81-b77baa72c723"/>
             </rectangle>
-            <staticText>
+            <textField>
-                <reportElement mode="Opaque" x="0" y="-9" width="551" height="18" forecolor="#FEFEFF" backcolor="#151B2E" uuid="3291af19-09ed-453c-a068-90a951d4f7b5"/>
+                <reportElement x="0" y="-7" width="554" height="15" forecolor="#FFFFFF" uuid="32716a0d-4cec-4dc4-b766-f545dea11169"/>
                 <textElement textAlignment="Center" verticalAlignment="Middle">
-                    <font fontName="SansSerif&#xA;&#xA;" size="8" isBold="true" isItalic="false"/>
+                    <font size="8" isBold="true"/>
                 </textElement>
-                <text><![CDATA[No part of this document may be disclosed to outside sources without the explicit written authorization of the tester]]></text>
+                <textFieldExpression><![CDATA[$R{hint}]]></textFieldExpression>
-            </staticText>
+            </textField>
         </band>
     </pageFooter>
 </jasperReport>

security-c4po-reporting/src/main/resources/jasper/reports/c4po_executive_summary.jrxml

@@ -141,13 +141,6 @@
                     <pen lineWidth="0.0"/>
                 </graphicElement>
             </rectangle>
-            <staticText>
-                <reportElement x="0" y="0" width="432" height="30" forecolor="#FFFFFF" uuid="727c5a22-9505-4eee-8697-c33c25770203"/>
-                <textElement verticalAlignment="Middle">
-                    <font size="16" isBold="true"/>
-                </textElement>
-                <text><![CDATA[Executive Summary]]></text>
-            </staticText>
             <ellipse>
                 <reportElement x="537" y="0" width="30" height="30" backcolor="#232B44" uuid="94ae9350-4d6a-4660-a412-628324e3e766"/>
                 <graphicElement>
@@ -158,6 +151,13 @@
                 <reportElement x="539" y="3" width="23" height="24" uuid="e47a59e3-90b6-43d3-9d42-930a6d497a05"/>
                 <imageExpression><![CDATA[$P{CDATA_WATERMARK}]]></imageExpression>
             </image>
+            <textField>
+                <reportElement x="1" y="0" width="379" height="30" forecolor="#FFFFFF" uuid="4c1bb295-6c8a-4ee8-a0c7-9c9787bde39c"/>
+                <textElement verticalAlignment="Middle">
+                    <font size="16" isBold="true"/>
+                </textElement>
+                <textFieldExpression><![CDATA[$R{title.summary}]]></textFieldExpression>
+            </textField>
         </band>
     </title>
     <columnHeader>
@@ -167,33 +167,19 @@
                 <textElement>
                     <font size="12"/>
                 </textElement>
-                <textFieldExpression><![CDATA[(($F{summary}.length() == 0) ? "" + $F{client} +" contracted " + $F{tester} + " to perform a Penetration Test to identify security weaknesses, determine the impact to " + $F{client} +", document all findings in a clear and repeatable manner, and provide remediation recommendations."  : $F{summary})]]></textFieldExpression>
+                <textFieldExpression><![CDATA[(($F{summary}.length() == 0) ? $R{text.summary}  : $F{summary})]]></textFieldExpression>
             </textField>
-            <staticText>
+            <textField>
-                <reportElement x="0" y="10" width="380" height="20" forecolor="#232B44" uuid="b508eb27-8cf7-40f3-86e8-6b7c9328d919"/>
+                <reportElement x="1" y="11" width="479" height="19" forecolor="#232B44" uuid="13717058-8dea-4512-8807-1d2eda079aad"/>
-                <textElement>
+                <textElement textAlignment="Left" verticalAlignment="Top" markup="none">
                     <font size="12" isBold="true"/>
                 </textElement>
-                <text><![CDATA[Assessment Overview and Recommendations]]></text>
+                <textFieldExpression><![CDATA[$R{title.assessment_overview_and_recommendations}]]></textFieldExpression>
-            </staticText>
+            </textField>
         </band>
     </columnHeader>
     <detail>
         <band height="500" splitType="Stretch">
-            <staticText>
-                <reportElement x="0" y="20" width="380" height="20" forecolor="#232B44" uuid="43e826cd-e910-4ab5-a689-935baa555e58"/>
-                <textElement>
-                    <font size="12" isBold="true"/>
-                </textElement>
-                <text><![CDATA[Number of Findings per Category]]></text>
-            </staticText>
-            <staticText>
-                <reportElement positionType="Float" x="0" y="300" width="380" height="20" forecolor="#232B44" uuid="daae5600-96f6-4f4c-b3ce-a12aadf2696a"/>
-                <textElement>
-                    <font size="12" isBold="true"/>
-                </textElement>
-                <text><![CDATA[Severity Overview of Findings]]></text>
-            </staticText>
             <pieChart>
                 <chart evaluationTime="Report">
                     <reportElement key="" positionType="Float" stretchType="ElementGroupHeight" x="0" y="40" width="553" height="239" uuid="aaf04aa7-f7c5-48b9-b422-0f210e35d7be"/>
@@ -269,6 +255,20 @@
                     <itemLabel/>
                 </piePlot>
             </pieChart>
+            <textField>
+                <reportElement x="0" y="20" width="480" height="19" forecolor="#232B44" uuid="8810e73b-f431-430d-86bc-10747c926be6"/>
+                <textElement textAlignment="Left" verticalAlignment="Top" markup="none">
+                    <font size="12" isBold="true"/>
+                </textElement>
+                <textFieldExpression><![CDATA[$R{title.number_of_findings_per_category}]]></textFieldExpression>
+            </textField>
+            <textField>
+                <reportElement x="1" y="300" width="479" height="19" forecolor="#232B44" uuid="e21093fa-df5d-4827-a2a5-b935db9749e3"/>
+                <textElement textAlignment="Left" verticalAlignment="Top" markup="none">
+                    <font size="12" isBold="true"/>
+                </textElement>
+                <textFieldExpression><![CDATA[$R{title.severity_overview_of_findings}]]></textFieldExpression>
+            </textField>
         </band>
     </detail>
 </jasperReport>

security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_comments_only.jrxml

@@ -223,6 +223,9 @@
         <band height="611" splitType="Stretch">
             <subreport isUsingCache="false" runToBottom="false">
                 <reportElement x="0" y="0" width="554" height="610" isRemoveLineWhenBlank="true" uuid="48da877f-cf38-4fc2-9104-934c8a528d6e"/>
+                <subreportParameter name="REPORT_RESOURCE_BUNDLE">
+                    <subreportParameterExpression><![CDATA[$P{REPORT_RESOURCE_BUNDLE}]]></subreportParameterExpression>
+                </subreportParameter>
                 <dataSourceExpression><![CDATA[$P{PentestCommentsDataSource}]]></dataSourceExpression>
                 <subreportExpression><![CDATA[$P{CDATA_CommentsSubreport}]]></subreportExpression>
             </subreport>

security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_findings_and_comments.jrxml

@@ -316,11 +316,17 @@
                 <subreportParameter name="PentestFindingsDataSource">
                     <subreportParameterExpression><![CDATA[]]></subreportParameterExpression>
                 </subreportParameter>
+                <subreportParameter name="REPORT_RESOURCE_BUNDLE">
+                    <subreportParameterExpression><![CDATA[$P{REPORT_RESOURCE_BUNDLE}]]></subreportParameterExpression>
+                </subreportParameter>
                 <dataSourceExpression><![CDATA[$P{PentestFindingsDataSource}]]></dataSourceExpression>
                 <subreportExpression><![CDATA[$P{CDATA_FindingsSubreport}]]></subreportExpression>
             </subreport>
             <subreport isUsingCache="false" runToBottom="true">
                 <reportElement positionType="Float" x="0" y="350" width="554" height="339" isRemoveLineWhenBlank="true" uuid="48da877f-cf38-4fc2-9104-934c8a528d6e"/>
+                <subreportParameter name="REPORT_RESOURCE_BUNDLE">
+                    <subreportParameterExpression><![CDATA[$P{REPORT_RESOURCE_BUNDLE}]]></subreportParameterExpression>
+                </subreportParameter>
                 <dataSourceExpression><![CDATA[$P{PentestCommentsDataSource}]]></dataSourceExpression>
                 <subreportExpression><![CDATA[$P{CDATA_CommentsSubreport}]]></subreportExpression>
             </subreport>

security-c4po-reporting/src/main/resources/jasper/reports/c4po_pentests_findings_only.jrxml

@@ -271,6 +271,9 @@
                 <subreportParameter name="PentestFindingsDataSource">
                     <subreportParameterExpression><![CDATA[]]></subreportParameterExpression>
                 </subreportParameter>
+                <subreportParameter name="REPORT_RESOURCE_BUNDLE">
+                    <subreportParameterExpression><![CDATA[$P{REPORT_RESOURCE_BUNDLE}]]></subreportParameterExpression>
+                </subreportParameter>
                 <dataSourceExpression><![CDATA[$P{PentestFindingsDataSource}]]></dataSourceExpression>
                 <subreportExpression><![CDATA[$P{CDATA_FindingsSubreport}]]></subreportExpression>
             </subreport>

security-c4po-reporting/src/main/resources/jasper/reports/c4po_state_of_confidentiality.jrxml

@@ -58,30 +58,23 @@
                 <reportElement x="539" y="3" width="23" height="24" uuid="75a577b3-42df-4d40-be10-d0991b2769e2"/>
                 <imageExpression><![CDATA[$P{CDATA_WATERMARK}]]></imageExpression>
             </image>
-            <staticText>
+            <textField>
-                <reportElement x="0" y="0" width="432" height="30" forecolor="#FFFFFF" uuid="329f5881-cba9-4418-9ef0-99a6805906ba"/>
+                <reportElement x="0" y="0" width="379" height="30" forecolor="#FFFFFF" uuid="28de72b7-9df9-4a23-af2b-1f0266caf400"/>
                 <textElement verticalAlignment="Middle">
                     <font size="16" isBold="true"/>
                 </textElement>
-                <text><![CDATA[State of Confidentiality]]></text>
+                <textFieldExpression><![CDATA[$R{title.confidentiality}]]></textFieldExpression>
-            </staticText>
+            </textField>
         </band>
     </title>
     <detail>
         <band height="460" splitType="Stretch">
             <textField textAdjust="StretchHeight">
-                <reportElement x="0" y="0" width="552" height="99" uuid="155d6f81-907f-49ed-ae21-2dae085f72b2"/>
+                <reportElement x="0" y="0" width="552" height="339" uuid="155d6f81-907f-49ed-ae21-2dae085f72b2"/>
                 <textElement>
                     <font size="12"/>
                 </textElement>
-                <textFieldExpression><![CDATA["The contents of this document have been developed by " + $F{tester} + ". " + $F{tester} + " considers the contents of this document to be proprietary and business confidential information. This information is to be used only in the performance of its intended use. This document may not be released to another vendor, business partner or contractor without prior written consent from " + $F{tester} + ". Additionally, no portion of this document may be communicated, reproduced, copied or distributed without the prior consent of " + $F{tester} + "."]]></textFieldExpression>
+                <textFieldExpression><![CDATA[$R{text.confidentiality}]]></textFieldExpression>
-            </textField>
-            <textField textAdjust="StretchHeight">
-                <reportElement positionType="Float" x="0" y="100" width="551" height="100" uuid="6b5626a8-ff7b-450b-8c53-93c2115bd56c"/>
-                <textElement>
-                    <font size="12"/>
-                </textElement>
-                <textFieldExpression><![CDATA["The contents of this document do not constitute legal advice. " + $F{tester}+"’s offer of services that relate to compliance, litigation or other legal interests are not intended as legal counsel and should not be taken as such. The assessment detailed herein is against the company " + $F{client} + " for examination purposes, and the vulnerabilities included in this document should be mitigated in order to secure " + $F{client} + " external or internal infrastructure."]]></textFieldExpression>
             </textField>
         </band>
     </detail>

security-c4po-reporting/src/main/resources/jasper/subReports/CommentsSubreport.jrxml

@@ -35,20 +35,6 @@
 	</background>
 	<detail>
 		<band height="580" splitType="Stretch">
-			<staticText>
-				<reportElement x="0" y="50" width="100" height="19" forecolor="#232B44" uuid="27e653a4-f25c-4e14-a2dd-98639beaa958"/>
-				<textElement>
-					<font size="12" isBold="true"/>
-				</textElement>
-				<text><![CDATA[Title:]]></text>
-			</staticText>
-			<staticText>
-				<reportElement positionType="Float" x="0" y="120" width="100" height="20" forecolor="#232B44" uuid="4f0f0eaf-177b-4af7-99d8-a46b0faa9357"/>
-				<textElement>
-					<font size="12" isBold="true"/>
-				</textElement>
-				<text><![CDATA[Description:]]></text>
-			</staticText>
 			<textField textAdjust="StretchHeight">
 				<reportElement x="0" y="70" width="530" height="30" uuid="62ff1e8e-7987-4cd0-a79e-536859418d32"/>
 				<textElement>
@@ -82,13 +68,27 @@
 				</textElement>
 				<textFieldExpression><![CDATA[$F{id}]]></textFieldExpression>
 			</textField>
-			<staticText>
+			<textField>
-				<reportElement x="0" y="-12" width="80" height="32" forecolor="#FFFFFF" uuid="06c9b872-ccec-44a6-854f-ef7b5dcedec9"/>
+				<reportElement x="0" y="-12" width="80" height="32" forecolor="#FFFFFF" uuid="e3a73731-aebe-4f52-b965-c33e63c03dac"/>
 				<textElement verticalAlignment="Middle">
 					<font size="14" isBold="true"/>
 				</textElement>
-				<text><![CDATA[Comment:]]></text>
+				<textFieldExpression><![CDATA[$R{title.comment}]]></textFieldExpression>
-			</staticText>
+			</textField>
+			<textField>
+				<reportElement x="0" y="50" width="280" height="20" forecolor="#232B44" uuid="19308a8b-8ca0-48cb-84c9-a7088027b7f3"/>
+				<textElement>
+					<font size="12" isBold="true"/>
+				</textElement>
+				<textFieldExpression><![CDATA[$R{title}]]></textFieldExpression>
+			</textField>
+			<textField>
+				<reportElement positionType="Float" x="0" y="120" width="280" height="20" forecolor="#232B44" uuid="967a81ec-1f91-431f-a644-c26eecad5d34"/>
+				<textElement>
+					<font size="12" isBold="true"/>
+				</textElement>
+				<textFieldExpression><![CDATA[$R{description}]]></textFieldExpression>
+			</textField>
 		</band>
 	</detail>
 </jasperReport>

security-c4po-reporting/src/main/resources/jasper/subReports/FindingsSubreport.jrxml

@@ -86,20 +86,6 @@
 				</textElement>
 				<textFieldExpression><![CDATA[$F{description}]]></textFieldExpression>
 			</textField>
-			<staticText>
-				<reportElement positionType="Float" x="0" y="120" width="100" height="20" forecolor="#232B44" uuid="cb620215-7d9a-422e-a286-d1374c29469a"/>
-				<textElement>
-					<font size="12" isBold="true"/>
-				</textElement>
-				<text><![CDATA[Description:]]></text>
-			</staticText>
-			<staticText>
-				<reportElement x="0" y="50" width="100" height="20" forecolor="#232B44" uuid="a8c19344-4ce8-4d15-919b-4cbb004aba79"/>
-				<textElement>
-					<font size="12" isBold="true"/>
-				</textElement>
-				<text><![CDATA[Title:]]></text>
-			</staticText>
 			<textField textAdjust="StretchHeight">
 				<reportElement x="0" y="70" width="430" height="30" uuid="1ac22e9e-2fe9-4fc7-94ca-5e30db7aa74f"/>
 				<textElement>
@@ -107,13 +93,6 @@
 				</textElement>
 				<textFieldExpression><![CDATA[$F{title}]]></textFieldExpression>
 			</textField>
-			<staticText>
-				<reportElement positionType="Float" x="0" y="200" width="100" height="20" forecolor="#232B44" uuid="3d056116-a999-4c17-b3b0-94b26e69c9c6"/>
-				<textElement>
-					<font size="12" isBold="true"/>
-				</textElement>
-				<text><![CDATA[Impact:]]></text>
-			</staticText>
 			<textField textAdjust="StretchHeight">
 				<reportElement positionType="Float" x="0" y="220" width="530" height="40" uuid="d026c3e2-1431-4010-b0d7-bf07cb339ed7"/>
 				<textElement>
@@ -128,27 +107,13 @@
 				</textElement>
 				<textFieldExpression><![CDATA[$F{reproduction}]]></textFieldExpression>
 			</textField>
-			<staticText>
-				<reportElement positionType="Float" x="0" y="280" width="180" height="20" forecolor="#232B44" uuid="5d0ab6e7-dd18-4da2-848b-95abc47936e8"/>
-				<textElement>
-					<font size="12" isBold="true"/>
-				</textElement>
-				<text><![CDATA[Reproduction Steps:]]></text>
-			</staticText>
 			<textField textAdjust="StretchHeight">
 				<reportElement positionType="Float" x="0" y="380" width="530" height="40" uuid="09dea210-c47a-486e-b461-c6fb7c27bb39"/>
 				<textElement>
 					<font size="12"/>
 				</textElement>
-				<textFieldExpression><![CDATA[(($F{mitigation}.length() == 0) ? "No mitigation to avoid, minimize or compensate the finding found or needed."  : $F{mitigation})]]></textFieldExpression>
+				<textFieldExpression><![CDATA[(($F{mitigation}.length() == 0) ? $R{no_mitigation}  : $F{mitigation})]]></textFieldExpression>
 			</textField>
-			<staticText>
-				<reportElement positionType="Float" x="0" y="360" width="180" height="20" forecolor="#232B44" uuid="0aaec1e4-9ac0-48de-96ef-0ac5ad1e9be0"/>
-				<textElement>
-					<font size="12" isBold="true"/>
-				</textElement>
-				<text><![CDATA[Mitigation:]]></text>
-			</staticText>
 			<rectangle>
 				<reportElement x="0" y="-12" width="575" height="33" forecolor="#FF3D70" backcolor="#FF3D70" uuid="cb580eb9-9492-4fb6-8eb7-304e50612c9f"/>
 				<graphicElement>
@@ -192,22 +157,57 @@
 				<textElement>
 					<font size="12"/>
 				</textElement>
-				<textFieldExpression><![CDATA[(($F{affectedUrls}.size() == 0) ? "No specific URL's affected."  : $F{affectedUrls}.toString().substring(1, $F{affectedUrls}.toString().length() - 1))]]></textFieldExpression>
+				<textFieldExpression><![CDATA[(($F{affectedUrls}.size() == 0) ? $R{no_affected_urls}  : $F{affectedUrls}.toString().substring(1, $F{affectedUrls}.toString().length() - 1))]]></textFieldExpression>
 			</textField>
-			<staticText>
+			<textField>
-				<reportElement positionType="Float" x="0" y="440" width="180" height="20" forecolor="#232B44" uuid="003646c0-fc53-4add-84d2-b3816d52789d"/>
+				<reportElement x="0" y="-12" width="80" height="32" forecolor="#FFFFFF" uuid="b57555be-8b0c-4f2e-be08-22c3bf07e343"/>
-				<textElement>
-					<font size="12" isBold="true"/>
-				</textElement>
-				<text><![CDATA[Affected URL's:]]></text>
-			</staticText>
-			<staticText>
-				<reportElement x="0" y="-12" width="80" height="32" forecolor="#FFFFFF" uuid="c6ec29f3-3687-4098-80b5-30fd33a7989a"/>
 				<textElement verticalAlignment="Middle">
 					<font size="14" isBold="true"/>
 				</textElement>
-				<text><![CDATA[Finding:]]></text>
+				<textFieldExpression><![CDATA[$R{title.finding}]]></textFieldExpression>
-			</staticText>
+			</textField>
+			<textField>
+				<reportElement x="0" y="50" width="280" height="20" forecolor="#232B44" uuid="24833130-7baa-4959-996e-97cfce37b3d6"/>
+				<textElement>
+					<font size="12" isBold="true"/>
+				</textElement>
+				<textFieldExpression><![CDATA[$R{title}]]></textFieldExpression>
+			</textField>
+			<textField>
+				<reportElement positionType="Float" x="0" y="120" width="280" height="20" forecolor="#232B44" uuid="83f026fc-249b-41aa-9540-99661ee5010d"/>
+				<textElement>
+					<font size="12" isBold="true"/>
+				</textElement>
+				<textFieldExpression><![CDATA[$R{description}]]></textFieldExpression>
+			</textField>
+			<textField>
+				<reportElement positionType="Float" x="0" y="200" width="280" height="20" forecolor="#232B44" uuid="e7a779ad-b9ae-47ad-8e3d-be20876fc5a9"/>
+				<textElement>
+					<font size="12" isBold="true"/>
+				</textElement>
+				<textFieldExpression><![CDATA[$R{impact}]]></textFieldExpression>
+			</textField>
+			<textField>
+				<reportElement positionType="Float" x="0" y="280" width="280" height="20" forecolor="#232B44" uuid="2f5670ee-4de0-4409-bb33-ac83c5e03ec4"/>
+				<textElement>
+					<font size="12" isBold="true"/>
+				</textElement>
+				<textFieldExpression><![CDATA[$R{reproduction_steps}]]></textFieldExpression>
+			</textField>
+			<textField>
+				<reportElement positionType="Float" x="0" y="360" width="280" height="20" forecolor="#232B44" uuid="3d6c19e0-8cd3-4c39-b998-e704210d6622"/>
+				<textElement>
+					<font size="12" isBold="true"/>
+				</textElement>
+				<textFieldExpression><![CDATA[$R{mitigation}]]></textFieldExpression>
+			</textField>
+			<textField>
+				<reportElement positionType="Float" x="0" y="440" width="280" height="20" forecolor="#232B44" uuid="975e0e09-6186-4a40-9466-2f241c43b7f6"/>
+				<textElement>
+					<font size="12" isBold="true"/>
+				</textElement>
+				<textFieldExpression><![CDATA[$R{affected_urls}]]></textFieldExpression>
+			</textField>
 		</band>
 	</detail>
 </jasperReport>

security-c4po-reporting/src/main/resources/jasper/subReports/SeverityRatingTableSubreport.jrxml

@@ -40,9 +40,9 @@
 		<band splitType="Stretch"/>
 	</background>
 	<detail>
-		<band height="620" splitType="Stretch">
+		<band height="680" splitType="Stretch">
 			<componentElement>
-				<reportElement positionType="Float" x="-20" y="-20" width="560" height="620" uuid="10d88177-713d-4c60-9266-5afb31684f19">
+				<reportElement positionType="Float" x="-20" y="-20" width="560" height="700" uuid="10d88177-713d-4c60-9266-5afb31684f19">
 					<property name="com.jaspersoft.studio.layout" value="com.jaspersoft.studio.editor.layout.VerticalRowLayout"/>
 					<property name="com.jaspersoft.studio.table.style.table_header" value="Table_TH"/>
 					<property name="com.jaspersoft.studio.table.style.column_header" value="Table_CH"/>
@@ -56,44 +56,47 @@
 					<jr:column width="112" uuid="dd4a463a-7807-42ae-9419-7a17135a2a58">
 						<property name="com.jaspersoft.studio.components.table.model.column.name" value="Column1"/>
 						<jr:tableHeader style="Table_TH" height="30" rowSpan="1">
-							<staticText>
+							<textField>
-								<reportElement x="0" y="0" width="112" height="30" forecolor="#FFFFFF" uuid="140fe665-f028-4805-a55f-4b4190be3140"/>
+								<reportElement x="0" y="0" width="112" height="30" forecolor="#FFFFFF" uuid="14568593-28fa-4e16-9830-5acd6ec74634">
-								<textElement textAlignment="Center" verticalAlignment="Middle">
+									<property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
+								</reportElement>
+								<textElement verticalAlignment="Middle">
 									<font size="12" isBold="true"/>
+									<paragraph leftIndent="10"/>
 								</textElement>
-								<text><![CDATA[Rating]]></text>
+								<textFieldExpression><![CDATA[$R{rating}]]></textFieldExpression>
-							</staticText>
+							</textField>
 						</jr:tableHeader>
-						<jr:tableFooter style="Table_CH" height="200" rowSpan="1">
+						<jr:tableFooter style="Table_CH" height="220" rowSpan="1">
 							<staticText>
-								<reportElement positionType="Float" stretchType="ContainerHeight" x="0" y="0" width="112" height="200" forecolor="#03C886" uuid="bb091668-8003-45fc-a4aa-e54a96f7fa87"/>
+								<reportElement positionType="Float" stretchType="ContainerHeight" x="0" y="0" width="112" height="220" forecolor="#03C886" uuid="bb091668-8003-45fc-a4aa-e54a96f7fa87"/>
 								<textElement textAlignment="Center" verticalAlignment="Middle">
 									<font size="16" isBold="true"/>
 								</textElement>
 								<text><![CDATA[Low]]></text>
 							</staticText>
 						</jr:tableFooter>
-						<jr:columnHeader style="Table_CH" height="90" rowSpan="1">
+						<jr:columnHeader style="Table_CH" height="110" rowSpan="1">
 							<staticText>
-								<reportElement positionType="Float" stretchType="ContainerHeight" x="0" y="0" width="112" height="90" forecolor="#FF3D70" uuid="d742063f-e537-400f-bb31-bb55fa9f20fd"/>
+								<reportElement positionType="Float" stretchType="ContainerHeight" x="0" y="0" width="112" height="110" forecolor="#FF3D70" uuid="d742063f-e537-400f-bb31-bb55fa9f20fd"/>
 								<textElement textAlignment="Center" verticalAlignment="Middle">
 									<font size="16" isBold="true"/>
 								</textElement>
 								<text><![CDATA[Critical]]></text>
 							</staticText>
 						</jr:columnHeader>
-						<jr:columnFooter style="Table_CH" height="200" rowSpan="1">
+						<jr:columnFooter style="Table_CH" height="220" rowSpan="1">
 							<staticText>
-								<reportElement positionType="Float" stretchType="ContainerHeight" x="0" y="0" width="112" height="200" forecolor="#35A4FE" uuid="a8b12a40-8144-4226-870f-0e0a1e5ea752"/>
+								<reportElement positionType="Float" stretchType="ContainerHeight" x="0" y="0" width="112" height="220" forecolor="#35A4FE" uuid="a8b12a40-8144-4226-870f-0e0a1e5ea752"/>
 								<textElement textAlignment="Center" verticalAlignment="Middle">
 									<font size="16" isBold="true"/>
 								</textElement>
 								<text><![CDATA[Medium]]></text>
 							</staticText>
 						</jr:columnFooter>
-						<jr:detailCell style="Table_TD" height="100">
+						<jr:detailCell style="Table_TD" height="120">
 							<staticText>
-								<reportElement positionType="Float" stretchType="ContainerHeight" x="0" y="0" width="112" height="100" forecolor="#FFAB00" uuid="4a1dd484-384f-45ca-a41a-8d1d2b5fb1e6"/>
+								<reportElement positionType="Float" stretchType="ContainerHeight" x="0" y="0" width="112" height="120" forecolor="#FFAB00" uuid="4a1dd484-384f-45ca-a41a-8d1d2b5fb1e6"/>
 								<textElement textAlignment="Center" verticalAlignment="Middle">
 									<font size="16" isBold="true"/>
 								</textElement>
@@ -104,82 +107,60 @@
 					<jr:column width="448" uuid="ab851b91-c506-48d4-a4e6-77292e4c42ef">
 						<property name="com.jaspersoft.studio.components.table.model.column.name" value="Column2"/>
 						<jr:tableHeader style="Table_TH" height="30" rowSpan="1">
-							<staticText>
+							<textField>
-								<reportElement x="0" y="0" width="448" height="30" forecolor="#FFFFFF" uuid="7c3f036d-ed06-4aa2-bba2-f45c7eb91316">
+								<reportElement x="0" y="0" width="448" height="30" forecolor="#FFFFFF" uuid="0ce92a8f-5a55-4977-a0f9-c5fe8b47701f"/>
-									<property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
+								<textElement verticalAlignment="Middle">
-								</reportElement>
-								<textElement textAlignment="Left" verticalAlignment="Middle">
 									<font size="12" isBold="true"/>
-									<paragraph leftIndent="2"/>
 								</textElement>
-								<text><![CDATA[Severity Rating Definition]]></text>
+								<textFieldExpression><![CDATA[$R{title.severity_definitions}]]></textFieldExpression>
-							</staticText>
+							</textField>
 						</jr:tableHeader>
-						<jr:tableFooter style="Table_CH" height="200" rowSpan="1">
+						<jr:tableFooter style="Table_CH" height="220" rowSpan="1">
 							<staticText>
-								<reportElement positionType="Float" stretchType="ContainerHeight" x="0" y="0" width="448" height="200" uuid="9e066b11-0381-46ce-a05b-99b2293ce66c">
+								<reportElement x="0" y="0" width="448" height="220" uuid="edaaec3d-9e81-46a5-a628-05a0dd9716f4">
 									<property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
 								</reportElement>
 								<textElement>
 									<font size="12"/>
 									<paragraph leftIndent="2"/>
 								</textElement>
-								<text><![CDATA[Exploitation of the technical or procedural vulnerability will cause minimal impact to operations. The
+								<text><![CDATA[$R{text.severity_definitions.low}]]></text>
-Confidentiality, Integrity and Availability (CIA) of sensitive information are not at risk of compromise.
-Exploitation of the vulnerability may cause slight financial loss or public embarrassment. The threat exposure is
-moderate-to-low. Security controls are in place to contain the severity of impact if the vulnerability were
-exploited, such that further political, financial, or legal damage will not occur.
-- OR -
-The vulnerability is such that it would otherwise be considered Medium Risk, but the threat exposure is so limited
-that the likelihood of occurrence is minimal.]]></text>
 							</staticText>
 						</jr:tableFooter>
-						<jr:columnHeader style="Table_CH" height="90" rowSpan="1">
+						<jr:columnHeader style="Table_CH" height="110" rowSpan="1">
 							<staticText>
-								<reportElement positionType="Float" stretchType="ContainerHeight" x="0" y="0" width="448" height="90" uuid="628591b9-4f90-45cf-896c-e38355ed9de8">
+								<reportElement x="0" y="0" width="448" height="110" uuid="ce298324-4e50-4432-91ea-01897f3749b4">
-									<property name="com.jaspersoft.studio.unit.firstLineIndent" value="pixel"/>
 									<property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
 								</reportElement>
-								<textElement textAlignment="Left">
+								<textElement>
 									<font size="12"/>
-									<paragraph lineSpacingSize="1.0" leftIndent="2"/>
+									<paragraph leftIndent="2"/>
 								</textElement>
-								<text><![CDATA[Exploitation of the technical or procedural vulnerability will cause substantial harm. Significant political,
+								<text><![CDATA[$R{text.severity_definitions.critical}]]></text>
-financial, and/or legal damage is likely to result. The threat exposure is critical, and a publicly available mechanism exists to exploit the vulnerability. Security controls are not effectively implemented to reduce the severity of impact if the vulnerability were exploited.]]></text>
 							</staticText>
 						</jr:columnHeader>
-						<jr:columnFooter style="Table_CH" height="200" rowSpan="1">
+						<jr:columnFooter style="Table_CH" height="220" rowSpan="1">
 							<staticText>
-								<reportElement positionType="Float" stretchType="ContainerHeight" x="0" y="0" width="448" height="200" uuid="b9e7a6f9-946f-4824-8a9e-24bc3279589a">
+								<reportElement x="0" y="0" width="448" height="220" uuid="0301e4cd-36bd-45bb-bdd7-f0740d79663f">
 									<property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
 								</reportElement>
 								<textElement>
 									<font size="12"/>
 									<paragraph leftIndent="2"/>
 								</textElement>
-								<text><![CDATA[Exploitation of the technical or procedural vulnerability will significantly impact the confidentiality, integrity,
+								<text><![CDATA[$R{text.severity_definitions.medium}]]></text>
-and/or availability of the system, application, or data. Exploitation of the vulnerability may cause moderate
-financial loss or public embarrassment. The threat exposure is moderate-to-high, thereby increasing the
-likelihood of occurrence. Security controls are in place to contain the severity of impact if the vulnerability were
-exploited, such that further political, financial, or legal damage will not occur.
-- OR -
-The vulnerability is such that it would otherwise be considered High Risk, but the threat exposure is so limited
-that the likelihood of occurrence is minimal.]]></text>
 							</staticText>
 						</jr:columnFooter>
-						<jr:detailCell style="Table_TD" height="100">
+						<jr:detailCell style="Table_TD" height="120">
 							<staticText>
-								<reportElement positionType="Float" stretchType="ContainerHeight" x="0" y="0" width="448" height="100" uuid="8a292592-81b2-49a1-bfda-e9540ecb3aa9">
+								<reportElement x="0" y="0" width="448" height="120" uuid="12feb6c9-3269-431a-9e8a-a155563d1da4">
 									<property name="com.jaspersoft.studio.unit.leftIndent" value="px"/>
 								</reportElement>
 								<textElement>
 									<font size="12"/>
 									<paragraph leftIndent="2"/>
 								</textElement>
-								<text><![CDATA[Exploitation of the technical or procedural vulnerability will cause substantial harm. Significant political,
+								<text><![CDATA[$R{text.severity_definitions.high}]]></text>
-financial, and/or legal damage is likely to result. The threat exposure is high, thereby increasing the likelihood of
-occurrence. Security controls are not effectively implemented to reduce the severity of impact if the vulnerability
-were exploited.]]></text>
 							</staticText>
 						</jr:detailCell>
 					</jr:column>