WAF 340020

From Atomicorp Wiki
Revision as of 19:40, 25 November 2009 by Mshinn (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Rule ID

340020

Status

Active rule currently published.

Alert Message

Atomicorp.com WAF Rules: XSS in referrer and UA headers

Description

Cross Site Scripting attack detected in either the referrer or User-Agent headers.

False Positives

There are no known False Positives for this in the UA header. Some web application may include scripting language in the referrer header.

If you believe this is a false positive, it is recommended that you report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page.

Similar Rules

WAF_340003

Knowledge Base Articles

None.

Outside References

http://en.wikipedia.org/wiki/Cross-site_scripting

http://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29

Personal tools