F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

MSZ's avatar
MSZ
Icon for Nimbostratus rankNimbostratus
Feb 24, 2016

Signature ID is required

Can anyone identify the signature ID's on WAF for the following cases?   Cross-Site Scripting: ReflectedCross-Site Scripting vulnerabilities were verified as executing code on the web application...
ASM Advanced WAF
BIG-IP
security
Erik_Novak's avatar
Erik_Novak
Icon for Employee rankEmployee
Feb 24, 2016

These look like scan results from Trustwave. Can you import the XML file from the scan into an ASM policy? The vulnerabilities that ASM can mitigate will then be listed. Otherwise, go to Application Security: Attack Signatures, and then filter the Policy Attack Signatures list by "Signature name contains" and enter "XSS", etc. You should get a large list of signature names and their IDs. The two examples at the bottom of your list are not associated with any attack signatures, however.