Forum Discussion
Oscar77
Nimbostratus
NimbostratusF5 OWASP Top Ten Rules, no working NoSQL Injection properly
Hi there, if we do a postman POST request to our Api with the next one body in the request: { "link": { "$ne": null } }, The request is passing using Mentioned...
Hi Oscar77,
OWASP ruleset has been updated with all our recent NoSQL signatures, covering the example mentioned above and more. Please test again with latest ruleset and let us know the result
Thanks
Hi,
The types of NoSQL injection signatures we have are all the popular operands, similar to $gt which stands for "greater than" and $lt for "less than". We cannot list all the different operands we're searching for due to security concerns.
Thanks
Oscar77Nimbostratus
NimbostratusNodoby help?