Ken_49643
Jul 10, 2011Nimbostratus
XML Attack Signatures
Hi,
I am new to this forum and am hoping to get some assistance on XML attack signatures.
We have a standard HTTP POST request that contains an XML message in the body.
The content type is set as application/xml; charset="utf-8".
The attack signature "xml tag (Parameter)" is being triggered on the following XML prolog:
xml version="1.0" encoding="UTF-8" (The opening/closing angle brackets and question mark are omitted)
This looks like pretty standard XML to me. Anyone help with why this is being triggered?
Do I need to specify an XML profile for the URL?
Any help would be greatly appreciated.
Ken