We help IT Professionals succeed at work.
Private
Troubleshooting Question

Netscaler: Exception for XSS- False positive

Dirk Kotte
Dirk Kotte asked
on
37 Views
Last Modified: 2020-11-22
Hello all,
We publish a webpage and get the following error after submitting the formular.

10.XXX.XXX.67 10/05/2020:11:53:36 GMT ns01 0-PPE-0 : default APPFW APPFW_XSS 18644 0 : 195.xx.xx.222 16804-PPE0 – WAF_XXX_BASIC https://page.domain.de/yyyyyyy/warenkorb/bereich/x/xxx/x/3/?contrast=0 Cross-site script check failed for field tedit_datei1=”Bad tag: </Lang(de-DE)/Metadata” <blocked>  

How/where do we configure the exception for this false positive XXS message in NetScaler WAF?
many thanks in advance Dirk

Comment
Watch Question

ste5anSenior Developer
CERTIFIED EXPERT

Commented:
hmm, sure about that? It looks like it is triggered by incorrect HTML...
CERTIFIED EXPERT

Author

Commented:
Yes, but we can't change the web-page. We have to wait for the vendor.
.... and we must publish this page now ...
and even if the site is not built properly ... it is not XSS
CERTIFIED EXPERT
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION