New WAF Objects: [total: 9]
==================================

Policy:
  name: 'CVE-2025-55183 : React information leak'
  id: '20000339'
  minimum version: '10.0'
  predicates:
  - type: HTTP Request
    operation: Match All
    match values:
    - part: parameter
      name: '0'
      operation: MatchRegExp
      value: \[\"\$F1\"\]
    - part: header
      name: Next-Action
      operation: MatchRegExp
      value: .
    - part: header
      name: Accept
      operation: includes
      value: text/x-component
  - type: HTTP Request Method
    operation: At Least One
    values:
    - POST

Signature:
  ID: '708473'
  Name: SQLi using set, PREPARE, EXECUTE
  Attack: SQL Injection - Blocking
  Attack Class: SQL Injection
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="PREPARE", part="EXECUTE", rgxp="set[\s\S]{1,20}\=[\s\S]{1,80}\;\s?PREPARE[\s\S]{1,20}FROM[\s\S]{1,20}\;\s?EXECUTE[\s\S]{1,20}\;"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - headers
  - url-and-parameters

Signature:
  ID: '708472'
  Name: 'CVE-2025-55182: React2Shell RCE #2'
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="status", part="resolved_model", rgxp=":\s?\x22\x24\w{1,100}[\:\[\]\"\x27\.%a-zA-Z0-9\\]{1,20}\w{1,100}[\:\[\]\"\x27\.%a-zA-Z0-9\\]{1,20}\w{1,100}"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - parameters

Signature:
  ID: '708471'
  Name: 'CVE-2025-55182 : React2Shell - Unsafe Deserialization'
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="status", part="resolved_model", rgxp="\x22\x24\w{1,100}:(\w{1,100}):"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - parameters

Signature:
  ID: '708470'
  Name: XSS using oncontentvisibilityautostatechange
  Attack: Cross-Site Scripting - Blocking
  Attack Class: Cross-Site Scripting
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="oncontentvisibilityautostatechange", rgxp="oncontentvisibilityautostatechange\=[\s\S]{0,80}\.src\s?\+?=[\s\S]{0,40}\.[\s\S]{0,40}\>"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - parameters
  - headers

Signature:
  ID: '708469'
  Name: xss bypass using srcdoc, on
  Attack: Cross-Site Scripting - Blocking
  Attack Class: Cross-Site Scripting
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="srcdoc", rgxp="srcdoc\s?=\s?\<[\s\S]{0,40}on.{0,10}\<\![\s\S]{1,40}\=[\s\S]{0,40}\>"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - parameters
  - headers

Signature:
  ID: '708468'
  Name: XSS bypass using "