Difference between revisions of "WAF 340020"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with ''''Rule ID''' 340020 '''Status''' Active rule currently published. '''Alert Message''' Atomicorp.com WAF Rules: XSS in referrer and UA headers '''Description''' Cross…')
 

Latest revision as of 20:40, 25 November 2009

Rule ID

340020

Status

Active rule currently published.

Alert Message

Atomicorp.com WAF Rules: XSS in referrer and UA headers

Description

Cross Site Scripting attack detected in either the referrer or User-Agent headers.

False Positives

There are no known False Positives for this in the UA header. Some web application may include scripting language in the referrer header.

If you believe this is a false positive, it is recommended that you report this to our security team to determine if this is a legitimate case, or if its clever attack on your system. Instructions to report false positives are detailed on the Reporting False Positives wiki page.

Similar Rules

WAF_340003

Knowledge Base Articles

None.

Outside References

http://en.wikipedia.org/wiki/Cross-site_scripting

http://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29

Personal tools