Custom Rule for CVE-2021-41823
LoadMaster is vulnerable to CVE-2021-41823, a medium-level cross-site scripting (XSS) vulnerability that is not blocked by the current OWASP CRS.
The LoadMaster team has created a WAF rule that will protect your applications against this vulnerability. Add this as a custom rule to LoadMaster WAF. [This rule will be added to LoadMaster in a future release.]
For instructions on adding custom rules to the WAF engine, please see this document.
SecRule REQUEST_URI "@detectXSS" \
    "id:1000,\
    phase:2,\
    deny,\
    capture,\
    t:none,t:utf8toUnicode,t:urlDecodeUni,t:htmlEntityDecode,t:jsDecode,t:cssDecode,t:removeNulls,\
    msg:'XSS Attack Detected via libinjection',\
    logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}',\
    tag:'application-multi',\
    tag:'language-multi',\
    tag:'platform-multi',\
    tag:'attack-xss',\
    tag:'OWASP_CRS',\
    tag:'capec/1000/152/242',\
    ctl:auditLogParts=+E,\
    ver:'OWASP_CRS/3.3.2',\
    severity:'CRITICAL'"