issues
search
SpiderLabs
/
owasp-modsecurity-crs
OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
https://modsecurity.org/crs
Apache License 2.0
2.44k
stars
725
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
feat(templates): add text to gihub templates about migration
#1757
fzipi
closed
4 years ago
0
False positive with WordPress when hosted from http://example.com/update-prefix
#1756
morko
opened
4 years ago
1
Incompatible with ModSecurity 3.x?
#1755
Ziris85
closed
4 years ago
1
false positive on rule 932110
#1754
randyoo
opened
4 years ago
0
Added more explanations to comment of 920300
#1753
dune73
closed
4 years ago
2
Note config change of tx.allowed_request_content_type in the v3.3 release notes
#1752
franbuehler
opened
4 years ago
0
rule 920300 title / details mismatch
#1751
owingruters
closed
4 years ago
1
Added 'ver' action with current version to all necessary rules (fix for #650)
#1750
airween
closed
4 years ago
4
Monthly Chat Agenda May (2020-05-04)
#1749
franbuehler
closed
4 years ago
1
Content-Type var fix ModSec v2 v3 900220 soap xml
#1748
franbuehler
closed
4 years ago
3
Password Scrubbing within the libinjection rule
#1747
a-zb
closed
4 years ago
1
Fix 921120 FP
#1746
franbuehler
closed
1 month ago
0
Changed variable to lowercase (fixed #1741)
#1745
airween
closed
4 years ago
1
Update README.md
#1744
drexlma
opened
4 years ago
0
Allow REPORT requests without Content-Type header in Nextcloud
#1743
pyllyukko
closed
4 years ago
1
Suppress rule 200002 when editing contacts in Nextcloud
#1742
pyllyukko
closed
4 years ago
1
Rule 920450 and modsec 3x
#1741
mirkodziadzka-avi
closed
4 years ago
4
Make Content-Type case insensitive
#1740
franbuehler
closed
1 month ago
3
XenForo: update exclusions
#1739
lifeforms
closed
4 years ago
1
WordPress: exclude additional URL fields in profile editor
#1738
lifeforms
closed
4 years ago
1
WordPress JetPack False Positive
#1737
manuelroccon
opened
4 years ago
0
NextCloud False Positive
#1736
manuelroccon
opened
4 years ago
9
Fix link for 941310
#1735
NullIsNot0
closed
4 years ago
4
Fix content type whitelist
#1734
franbuehler
closed
4 years ago
2
Monthly Chat Agenda April (2020-04-06)
#1733
dune73
closed
4 years ago
1
Make severities and scores consistent
#1732
lifeforms
closed
4 years ago
1
Block QQGameHall UA
#1731
theMiddleBlue
closed
4 years ago
1
Block QQGameHall in UA
#1730
theMiddleBlue
closed
4 years ago
4
XSS Attack Detected via libinjection for AWS AWSALBCORS Cookie
#1729
frankyhun
opened
4 years ago
4
JSON Payloads process significantly slower (600%) than XML Payloads of a similar size and format
#1728
rsbrisci
closed
4 years ago
9
SQLi bypass at PL1(CRS 3.2.0)
#1727
seedis
opened
4 years ago
1
DoS rule triggering with static (png) file
#1726
ceandre
opened
4 years ago
0
Easy to trigger these rule id blocks just with keywords [932115, 942360]
#1725
jeremyjpj0916
opened
4 years ago
0
Crazy Long Processing time of XML of a certain kinda payload body.
#1724
jeremyjpj0916
opened
4 years ago
2
DOS protection is invalid
#1723
sule01u
closed
4 years ago
0
SOAPUI SOAP Tx multipart/related call False Positive id: 920470
#1722
jeremyjpj0916
closed
4 years ago
4
Add Content-Type: multipart/related as allowed default
#1721
jeremyjpj0916
closed
4 years ago
1
XSS Attack Detected for valid XML Wrapped in CDATA Id 941160
#1720
jeremyjpj0916
opened
4 years ago
0
Need help with whitelisting false positive for gitlab rule id 949110
#1719
H4R0
closed
4 years ago
0
XSS attack detection for session id in cookie
#1718
kumaranubhaw
closed
4 years ago
3
Remove MIME Attribute from application/soap+xml Rule 900220
#1717
rsbrisci
closed
4 years ago
18
Vulnerable Regular Expressions in 942170
#1716
DragonRegex
closed
4 years ago
1
Vulnerable Regular Expressions in 942200
#1715
DragonRegex
closed
4 years ago
1
Vulnerable Regular Expressions in 942260
#1714
DragonRegex
closed
4 years ago
1
Vulnerable Regular Expressions in 942300
#1713
DragonRegex
closed
4 years ago
1
Vulnerable Regular Expressions in 942360
#1712
DragonRegex
closed
4 years ago
1
FP 942100 MySQLi rule triggered?
#1711
jeremyjpj0916
opened
4 years ago
3
Add word boundaries around values in SQL tautologies (942130)
#1710
allanrbo
closed
4 years ago
6
Move tests to their own file
#1709
fgsch
closed
4 years ago
1
Perf issue with regexes that start with repeating digits
#1708
allanrbo
opened
4 years ago
28
Next