Active rule currently published.
Atomicorp.com WAF Rules: XSS in referrer and UA headers
Cross Site Scripting attack detected in either the referrer or User-Agent headers.
There are no known False Positives for this in the UA header. Some web application may include scripting language in the referrer header.
If you believe this is a false positive, it is recommended that you report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page.
Knowledge Base Articles