Forum Discussion

Nimbostratus

Nov 17, 2008

XSS scripting / false positive

Hi all, My ASM xss script tag (paramter) signature is falsely triggered due to the following value of a couple of parameters: initfunc(true,false,'Mandatory Field','Value cannot ...

app sec

BIG-IP Access Policy Manager (APM)

security

hatim1

Nimbostratus

Nov 17, 2008

Hi,

Thanks for the quick response.

Actually all the 13 parameters being triggered by this signature have the same value provided in this thread!

It seems to be the only value used by the web developers.

Also, any idea on how the developers would adapt their code to minimize the risk of exposure would be greatly appreciated.

Thanks

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

XSS scripting / false positive

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

F5 Distributed Cloud WAF AI/ML Model to Suppress False Positives

Separating False Positives from Legitimate Violations

Handle False Positive for files upload

CMS causing False Positives

Attack Signature False Positive Mode

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS