We have just released Corsigs version 4.46 for users of Trustwave Web Application Firewall (WAF) versions 7.0 and 8.0. These new rules help protect users' Web applications against malicious traffic.
- Cross-Site Scripting (XSS) Detection Improvement:
An improvement to Cross-Site Scripting WAF signatures was made to improve performance and accuracy in catching XSS attacks.
How to Update
No action is required by customers running versions 7.0 or 8.0 of Trustwave Web Application Firewall and who subscribe to the online update feature. Their deployments will receive the update automatically.
Note that even if blocking actions are defined for a protected site, Simulation mode for these rules is ON by default so that site managers can inspect the impact of new rules before actually blocking relevant traffic. If you want to activate blocking actions for this rule, you must update the Actions for this signature in the Policy Manager.