Forum Discussion

GlaseRing's avatar
GlaseRing
Icon for Nimbostratus rankNimbostratus
Aug 25, 2021

ASM don't block XSS

hi all, why the asm don't block this : "</script><script>window.top._arachni_js_namespace_taint_tracer.log_execution_flow_sink()</script>"><script>alert(150)</script>&arguments=-N2019,-A,-N325,-N0" ...
ASM Advanced WAF
security
xss
GlaseRing's avatar
GlaseRing
Icon for Nimbostratus rankNimbostratus
Aug 25, 2021

it's not in staging.

i don't see it in the log.

i had some override on different URL and i deleted it and still no block.

what am i missing?