Trustwave Web Application Firewall Signature Update 4.47 Now Available

We have just released CorSigs version 4.47 for Trustwave Web Application Firewall (WAF) versions 7.6, 8.0 and 8.5. These rules' purpose is to detect attack sequences or classes of attacks on a web application and its components.

Release Summary

  • WordPress REST API Content Injection Vulnerability

This signature covers a severe vulnerability discovered in the WordPress REST API that enables an unauthenticated user to modify the content of any post or page within a WordPress site.

  • Cross-Site Scripting (XSS) Detection Enhancement

An improvement to Cross-Site Scripting WAF signatures was made to increase performance and accuracy in detecting XSS attacks.

How to Update

No action is required by customers running versions 7.6, 8.0 and 8.5 of Trustwave Web Application Firewall and who subscribe to the online update feature. Their deployments will update automatically.

Note that even if blocking actions are defined for a protected site, Simulation Mode for these rules is ON by default, so that site managers can inspect the impact of new rules before blocking relevant traffic. If you want to activate blocking actions for this rule, you must update the Actions for this signature in the Policy Manager.

Trustwave reserves the right to review all comments in the discussion below. Please note that for security and other reasons, we may not approve comments containing links.