Forum Discussion

Nimbostratus

Dec 14, 2021

XSS script tag end (Parameter) (2) 200001475 , False positive

Greeting you All, I would ask for the rule ID: 200001475, generating a lot of noise, is it accurate about it, or am missing something, example of triggered Request Url : /index.php/jec/$$$call$$...

Nimbostratus

Dec 15, 2021

thank you for answering,

i know what XSS is but I see no XSS tags in the URL how so the WAF says its XSS

Daniel_Wolf

MVP

Dec 15, 2021

Good, I am not always sure, so I thought a short explanation of XXS will do no harm.

Is that the complete URL? Usually in the logs it is highlighted in red where the violation was seen. For example:

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

XSS script tag end (Parameter) (2) 200001475 , False positive

F5 Academies Are Back – And We’re Coming to a City Near You

Introducing the F5 Application Study Tool (AST)

Recent Discussions

About F5 idle timeout and keep-alive

Problem with sending BotDefense logs to remote server

OSPF traps on BIG-IP v14

[APM] - How to clear the cached certificate for specific url

Fireeye AX integration with F5 via API.

Related Content

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

F5 Distributed Cloud WAF AI/ML Model to Suppress False Positives

Handle False Positive for files upload

Separating False Positives from Legitimate Violations

CMS causing False Positives

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS