Forum Discussion

Nimbostratus

Nov 17, 2008

XSS scripting / false positive

Hi all, My ASM xss script tag (paramter) signature is falsely triggered due to the following value of a couple of parameters: initfunc(true,false,'Mandatory Field','Value cannot ...

app sec

BIG-IP Access Policy Manager (APM)

security

hatim1

Nimbostratus

Nov 17, 2008

Hi,

Thanks for the quick response.

Actually all the 13 parameters being triggered by this signature have the same value provided in this thread!

It seems to be the only value used by the web developers.

Also, any idea on how the developers would adapt their code to minimize the risk of exposure would be greatly appreciated.

Thanks

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

XSS scripting / false positive

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

Horizon View iApp - Big-IP 17.5

r4600 Tenant CPU Assignment

master key file on vcmp guest HA Cluster different?

F5 Health Monitor Receive String as JSON

Rewrite content in XML schema file.

Related Content

F5 Distributed Cloud WAF AI/ML Model to Suppress False Positives

Handle False Positive for files upload

Separating False Positives from Legitimate Violations

CMS causing False Positives

Attack Signature False Positive Mode

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS