Difference between revisions of "WAF 340149"
(Created page with "{{Infobox |header1= Rule 340149 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Atomicorp.com WAF Rules: Potential Cross Site Scripting Attack }} = Descript...") |
m (→Similar Rules) |
||
| (One intermediate revision by one user not shown) | |||
| Line 27: | Line 27: | ||
[[WAF 340148]] | [[WAF 340148]] | ||
| − | [[WAF | + | |
| + | [[WAF 340147]] | ||
== Knowledge Base Articles== | == Knowledge Base Articles== | ||
Latest revision as of 13:45, 3 January 2013
| Rule 340149 | |
|---|---|
| Status | Active |
| Alert Message | Atomicorp.com WAF Rules: Potential Cross Site Scripting Attack |
Contents |
[edit] Description
This rules detects when a potential cross site scripting attack may have occurred. For example, if javascript is included in a variable that appears to not be used for this purpose, or if web code is included in a portion of a request that is not known to be used for this purpose. This rule looks for encoded methods.
[edit] Troubleshooting
[edit] False Positives
This rule may produce a false positive if an application is used in a previously unknown or untested manner. The rules contain a large library of known trusted methods, however it is possible an application may be using a previously untested method. It is not recommended that you disable this rule if you have a false positive. If you believe this is a false positive, please report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page. If it is a false positive, we will fix the issue in the rules and get a release out to you promptly.
[edit] Tuning Guidance
See the Mod_security page for guidance on tuning this rule.
[edit] Additional Information
[edit] Similar Rules
[edit] Knowledge Base Articles
None.
[edit] Outside References
None.
[edit] Notes
None.
