From: Bill Bradley <bradley.bill@gm...> - 2009-07-20 16:24:30
I am new to modsecurity but have implemented the
modsecurity_crs_40_generic_attacks.conf from the optional_rules
directory to block and log XSS scripting. So far it is working great.
The app is being tested by penetration folks and they are still able
to pass an XSS attack:

XSS vulnerability found in backend parameter. The following attack
targets all browser(s) and was successful using plain

"><iMg SrC=x OnErRoR=window.location=42114>

They are using some kind of scan tool.
Can anyone tell me how/what/where to make the addition to
modsecurity_crs_40_generic_attacks.conf to block this?