|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-01-04 | |
| Rule Name: | JavaScript Code Injection Detection | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | The code injection vulnerability is caused by the application's lax filtering of user input. An attacker can inject code into the server where the application is running, executing the injected code remotely. This rule is used to detect suspicious JavaScript code in HTTP requests. | |
| Impact: | Remote code execution | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | CVE-2011-3368 ExploitDB:17969 |
|
| Solutions |
|---|
| Update vendor's patch. |