
OWASP CRS (Official Repository)

Results 367 coreruleset issues

### Description

### How to reproduce the misbehavior (-> curl call)

`curl -H "x-format-output: txt-matched-rules" "https://sandbox.coreruleset.org/?bla=time%20express"`

however "time" (which is a unix command) is allowed and express is allowed as...

:heavy_plus_sign: False Positive
v4 unix rce
v4 LTS

As described by @M4tteoP in https://github.com/coreruleset/coreruleset/pull/3273#issuecomment-1675490075, checking for `dl` might not be worth the trouble. We still have a commented test though (933161-4) and we should decide whether we want...

:broom: cleanup

### Describe the bug I aimed to troubleshoot a false positive for a CRS rule on my coraza-caddy instance and wished to compare my results with the sandbox proposed by...

:+1: Feature Request
sandbox

We have a test case (920480) for double charset evasion, which is currently commented because that functionality doesn't exist yet:

```yaml
- test_id: 12
  stages:
    - input:
        dest_addr: "127.0.0.1"
        port:...
```

:heavy_minus_sign: False Negative - Evasion

Hi there, thanks for the great work on CRS. It would be nice if the maintenance plans for CRS 3 would be documented. Like eg. no more releases planned, or...

:+1: Feature Request

```
$ curl -H "x-format-output: txt-matched-rules" http://sandbox.coreruleset.org/ -d 'foo=console.log(msg)'
-- no output --
$ curl -H "x-format-output: txt-matched-rules" http://sandbox.coreruleset.org/ -d 'foo=console.dir(msg)'
-- no output --
```

:heavy_minus_sign: False Negative - Evasion

### Description

The PHP `printf` rule is triggering issues on URLs like "SprintForTheCause".

### How to reproduce the misbehavior (-> curl call)

```sh
curl -H "x-format-output: txt-matched-rules" https://sandbox.coreruleset.org/SprintForTheCause
```

...

:heavy_plus_sign: False Positive

### Description

```
$ curl -H "x-format-output: txt-matched-rules" http://sandbox.coreruleset.org/ -d 'foo=fetch("https://jsonplaceholder.typicode.com/todos/1")'
-- no output --
$ curl -H "x-format-output: txt-matched-rules" http://sandbox.coreruleset.org/ -d 'foo=import * as name from "module.js";'
-- no...
```

:heavy_minus_sign: False Negative - Evasion

See https://github.com/coreruleset/modsecurity-crs-docker/issues/215 for bug report and discussion.

:bug: bug

Dear all, is anyone else getting this when downloading [https://github.com/coreruleset/coreruleset/archive/refs/tags/v4.5.0.zip] Could any of you let me know if this is real or a false positive, and what should I tell...

:bug: bug