New WAF Objects: [total: 8]
==================================

Signature:
  ID: '708431'
  Name: xss bypass var and join
  Pattern: part="var", part=".join", rgxp="<[\s\S]{1,80}var[\s\S]{1,80}\.join\([\s\S]{1,120}>"
  Attack: Cross-Site Scripting - Blocking
  Attack Class: Cross-Site Scripting
  Dictionary: Recommended for Blocking for Web Applications
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - parameters

Policy:
  name: Content-Type multipart/form-data RFC violation
  id: '20000330'
  minimum version: '10.0'
  predicates:
  - type: HTTP Request
    operation: Match All
    match values:
    - part: header
      name: Content-Type
      operation: MatchRegExp
      value: boundary[\s\S]{1,200}[\;\s]\bboundary\s?=
    - part: header
      name: Content-Type
      operation: includes
      value: multipart/form-data

Signature:
  ID: '708430'
  Name: OOB attack using .col.ci
  Attack: Automation Attack - Blocking
  Attack Class: Automation Attack
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part=".col.ci"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - parameters
  - headers

Signature:
  ID: '708429'
  Name: CVE-2014-0094 CVE-2014-0112 Apache Struts ClassLoader Manipulation Remote Code Execution
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="class", part="classLoader", rgxp="class((\.)|([')|([\"))classLoader((\.)|('])|(\"]))"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - parameters

Signature:
  ID: '708428'
  Name: 'CVE-2025-61882: Oracle EBS - SSRF to RCE'
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/OA_HTML/configurator/UiServlet", part="redirectFromJsp", part="getUiType", rgxp=":7201\/OA_HTML\/.{1,10}\/ieshostedsurvey\.jsp"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Policy:
  name: 'CVE-2019-18818: Strapi changePassword() Token handling issue'
  id: '20000329'
  minimum version: '10.0'
  predicates:
  - type: HTTP Request Method
    operation: At Least One
    values:
    - POST
  - type: HTTP Request
    operation: Match All
    match values:
    - part: parameter
      name: code/$gt
      operation: MatchRegExp
      value: ^0$
    - part: url
      operation: includes
      value: /admin/auth/reset-password

Policy:
  name: |-
    CVE-2020-7378: OpenCRX /PasswordResetConfirm.jsp token Parameter Remote Password Manipulation
  id: '20000328'
  minimum version: '10.0'
  predicates:
  - type: HTTP Request Method
    operation: At Least One
    values:
    - POST
  - type: HTTP Request Parameter Name
    operation: Exclude All
    values:
    - token
  - type: HTTP Request
    operation: Match All
    match values:
    - part: parameter
      name: id
      operation: MatchRegExp
      value: .
    - part: parameter
      name: password1
      operation: MatchRegExp
      value: .
    - part: parameter
      name: password2
      operation: MatchRegExp
      value: .
    - part: parameter
      name: p
      operation: includes
      value: CRX
    - part: url
      operation: includes
      value: /PasswordResetConfirm.jsp
    - part: parameter
      name: t
      operation: includes
      value: f
    - part: parameter
      name: s
      operation: includes
      value: standard

Signature:
  ID: '708426'
  Name: constructor XSS bypass
  Pattern: part=".constructor.constructor"
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters