This guide explains how to customize the display of finding details in reports using a query string-like syntax.
Basic Structure
The token uses URL-style parameters separated by & characters. For example:
{Finding_Details?header_table.title=Summary&group.1.fields=description,impact}Configuration Sections
1. Header Table (Optional)
Display key information at the top of each finding:
header_table.title=Summary Table&
header_table.fields=severity,status,cvss&
header_table.cols=2&
header_table.show_finding_title=true&2. Tables
Add tables anywhere in your finding layout:
table.1.title=Summary&
table.1.fields=severity,status&
table.1.cols=2&3. Groups
Organize fields into logical groups:
group.1.title=Overview&
group.1.fields=description,impact&
group.2.title=Technical Details&
group.2.fields=cvss,assets&
group.2.hide_field_titles=true&You can hide the titles for each field using the hide_field_titles property.
4. Display Settings
General Settings
setting.hide_empty_fields=true (default)
setting.key_suffix=:(default)
setting.empty_message=No findings foundTitle Settings
setting.title.html_tag=h1&
setting.title.display_severity=true&
setting.title.show=true&Layout Settings
Choose between table or headings layout:
setting.layout=table&
setting.evidences.layout=table&setting.layout=headings&
setting.evidences.layout=headings&Evidence Display
setting.evidence_table.format=VisibleInstances& (default)
setting.evidence_table.title=Evidence Details&Customizing Evidence Columns: You can control exactly which fields appear in your evidence table and in what order using the
setting.evidence_table.fieldsparameterFor a full list of available fields and configuration examples, please read our detailed guide: Dynamic Evidence Tables in {Finding_Details} Token
Asset Display
setting.assets.format=list1& (default)
setting.assets.display_count=30& (default)5. Filtering and Sorting (Optional)
Filter findings by various criteria:
setting.filter.type=Vulnerability&
setting.filter.code=F-2025-0001,F-2025-0002&
setting.filter.status=ReadyRetest,PendingFix&
setting.filter.severity=Critical,High&
setting.filter.labels=Security,PCI-DSS&
setting.sort.field=severity&
setting.sort.direction=Descending&Filter and sort is optional.
In case of the need to display only specific findings, setting.filter.code=<code1,code2> is the solution.
As default, the sort will be Criticality, then CVSS. then Code.
At the moment, the sort option only supports one field.
HTML Structure and CSS Classes
The Finding Details token generates a hierarchical HTML structure that organises vulnerability information into logical groups and fields.
<div class="finding-details-container">Purpose: Top-level container for all finding details content.
Main Wrapper
<div class="finding-details-wrapper layout-headings">Purpose: Primary wrapper that contains all finding content and defines the layout strategy.
CSS Classes:
-
finding-details-wrapper: Base wrapper class -
layout-headings: Layout modifier (can belayout-headings,layout-table)
Title Section
<h1 class="finding-details-title">Unencrypted Telnet Server - Critical</h1>Purpose: Displays the finding title with optional severity indicator.
CSS Class: finding-details-title
HTML Tag: Configurable (h1, h2, h3, etc.) via token settings
Group Structure
Groups organize related fields together under optional headings:
<div class="finding-details-group [group-title]">
<h4 class="finding-details-group-title">Classification</h4>
<!-- Fields go here -->
</div>CSS Classes:
-
finding-details-group: Base group container -
[group-title]: CSS class matching the group title (e.g.,classification,recommendations) when a title is present -
finding-details-group-title: Group heading (only present when group has a title)
Field Structure
Each field follows a consistent pattern:
<div class="finding-details-field [field-name]">
<div class="finding-details-field-header">
<strong>Field Name</strong>
</div>
<div class="finding-details-field-body">
<!-- Field content -->
</div>
</div>
CSS Classes:
-
finding-details-field: Base field container -
[field-name]: Specific field identifier (e.g.,severity,assets,description) -
finding-details-field-header: Field label container (hidden whenhide_field_titles=true) -
finding-details-field-body: Field content container
CSS Class Reference
Container Classes
| Class | Purpose | Usage |
|
Root container | Top-level styling and spacing |
|
Main content wrapper | Overall layout and structure |
|
Layout modifier | Indicates heading-based layout |
Structure Classes
| Class | Purpose | Usage |
|
Finding title | Title typography and spacing |
|
Group container | Group spacing and organization |
|
Group heading | Group title styling |
|
Individual field | Field spacing and layout |
|
Field label | Label typography and emphasis |
|
Field content | Content styling and spacing |
Field Classes
Each field automatically receives a CSS class matching its field name from the token configuration:
.finding-details-field.[field-name] { /* Custom styles */ }
Group Classes
When a group has a title, the group container receives a CSS class matching the title (lowercased):
.finding-details-group.[group-title] { /* Custom styles */ }
Important Note About Numbering
When using tables and groups, the numbers after table. and group. determine the overall order of appearance. These numbers should be distinct across both tables and groups. For example:
header_table... (always appears first)
group.1... (appears second)
table.2... (appears third)
group.3... (appears fourth)Available Fields
Examples
Here's an example combining multiple settings:
{Finding_Details?
group.1.fields=description,assets,occurrence,status,evidence_table&
group.2.title=Classification&
group.2.fields=severity,impact,likelihood,cvss,vulnerability_types,cwes,cves,exploits,labels&
group.3.title=Recommendations&
group.3.fields=background_information,remediation,external_url&
group.4.title=Compliance&
group.4.fields=compliance,compliance_status,compliance_comment&
setting.title.html_tag=h1&
setting.title.display_severity=true&
setting.title.show=true&
setting.layout=headings&
setting.evidence_table.title=Evidence Title&
setting.evidence_table.format=all&
setting.assets.format=list2&
setting.filter.type=Vulnerability&
setting.filter.status=PendingFix,Fixed,test&
setting.sort=status&
}V1 equivalent
{Finding_Details?
group.1.fields=description&
group.1.hide_field_titles=true&
group.2.title=&
group.2.fields=assets,occurrence&
group.3.title=Classification&
group.3.fields=severity,impact,likelihood,vulnerability_types,cwes,cves,exploits&
group.4.title=Recommendations&
group.4.fields=background_information,remediation,external_url&
group.5.title=Compliance&
group.5.fields=compliance,compliance_status&
group.6.title=Evidences&
group.6.fields=evidence_table,evidences&
setting.title.html_tag=h1&
setting.title.display_severity=true&
setting.title.show=true&
setting.layout=headings&
setting.evidences.layout=headings&
setting.evidence_table.title=Evidence Title&
setting.evidence_table.format=all&
setting.assets.format=list1
}V2 equivalent
{Finding_Details?
group.1.fields=description,assets,occurrence&
group.2.title=Classification&
group.2.fields=severity,impact,likelihood,vulnerability_types,cwes,cves,exploits&
group.3.title=Recommendations&
group.3.fields=background_information,remediation,external_url&
group.4.title=Compliance&
group.4.fields=compliance,compliance_status&
group.5.title=Evidences&
group.5.fields=evidence_table,evidences&
setting.title.html_tag=div&
setting.title.display_severity=true&
setting.title.show=true&
setting.layout=table&
setting.evidences.layout=table&
setting.evidence_table.title=Evidence Title&
setting.evidence_table.format=all&
setting.assets.format=list1&
setting.key_suffix=:
}V3 equivalent
{Finding_Details?
header_table.title=&
header_table.fields=severity,cvss,impact,likelihood&
header_table.cols=2&
header_table.show_finding_title=true&
group.1.fields=assets,description,occurrence&
group.2.title=Classification&
group.2.fields=impact,likelihood,vulnerability_types,cwes,cves,exploits&
group.3.title=Recommendations&
group.3.fields=background_information,remediation,external_url&
group.4.title=Compliance&
group.4.fields=compliance,compliance_status&
group.5.title=Evidences&
group.5.fields=evidence_table,evidences&
setting.title.html_tag=h1&
setting.title.display_severity=false&
setting.title.show=false&
setting.layout=header&
setting.evidences.layout=headings&
setting.evidence_table.title=&
setting.evidence_table.format=all&
setting.assets.format=list1
}PCICompliance equivalent
{Finding_Details?
header_table.title=&
header_table.fields=severity,cvss,impact,likelihood&
header_table.cols=2&
header_table.show_finding_title=true&
group.1.fields=assets,description,occurrence&
group.2.title=Classification&
group.2.fields=impact,likelihood,vulnerability_types,cwes,cves,exploits&
group.3.title=Recommendations&
group.3.fields=background_information,remediation,external_url&
group.4.title=Compliance&
group.4.fields=compliance,compliance_status,pci_evidence_table&
group.5.title=Evidences&
group.5.fields=evidence_table,evidences&
setting.title.html_tag=h1&
setting.title.display_severity=false&
setting.title.show=false&
setting.layout=headings&
setting.evidences.layout=headings&
setting.evidence_table.title=&
setting.evidence_table.format=all&
setting.assets.format=list1
}