Has any one test this bypass against CRS

24 views
Skip to first unread message

Blason R

unread,
Dec 11, 2022, 10:41:19 PM12/11/22
to ModSecurity Core Rule Set project
Hi Team,

Not sure if anyone has checked and verify if this bypass is applicable to modsec crs?

Christian Folini

unread,
Dec 13, 2022, 2:17:46 AM12/13/22
to Blason R, ModSecurity Core Rule Set project
Hey, hey,

Yes, we did check and continuing to discuss it in the #coreruleset channel
on the OWASP slack. Feel free to join said discussion.

We are positive CRS detects this at PL2, while coverage at PL1 is spotty.

Best,

Christian
> --
> You received this message because you are subscribed to the Google Groups "ModSecurity Core Rule Set project" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to modsecurity-core-rule-...@owasp.org.
> To view this discussion on the web visit https://groups.google.com/a/owasp.org/d/msgid/modsecurity-core-rule-set-project/CAPPXLT_f-TycFM2PRkr3arT2wLreSESdNGuP%2B-eK6wt37CKCnA%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages