We have just released CorSigs version 4.47 for Trustwave Web Application Firewall (WAF) versions 7.6, 8.0 and 8.5. These rules' purpose is to detect attack sequences or classes of attacks on a web application and its components.
- WordPress REST API Content Injection Vulnerability
This signature covers a severe vulnerability discovered in the WordPress REST API that enables an unauthenticated user to modify the content of any post or page within a WordPress site.
- Cross-Site Scripting (XSS) Detection Enhancement
An improvement to Cross-Site Scripting WAF signatures was made to increase performance and accuracy in detecting XSS attacks.
How to Update
No action is required by customers running versions 7.6, 8.0 and 8.5 of Trustwave Web Application Firewall and who subscribe to the online update feature. Their deployments will update automatically.
Note that even if blocking actions are defined for a protected site, Simulation Mode for these rules is ON by default, so that site managers can inspect the impact of new rules before blocking relevant traffic. If you want to activate blocking actions for this rule, you must update the Actions for this signature in the Policy Manager.