SV-79743r1_rule
V-65253
SRG-NET-000319-ALG-000153
WSDP-AG-000080
CAT II
10
Search Bar “Processing Rule” >> processing rule >> Rule Action “+” >> Action Type “Filter”.
In the filter action, specify that the provided XSL stylesheet, store:///SQL-Injection-Filter.xsl, be used for the transform.
For the injection pattern file, specify store:///SQL-Injection-Patterns.xml, or specify the following name-value pair for the stylesheet parameters:
Name: {http://www.datapower.com/param/config}SQLPatternFile
Value: store:///SQL-Injection-Patterns.xml
Search Bar “Processing Rule” >> Processing rule.
If “Rule Action” does not contain a “Filter” action, this is a finding.
V-65253
False
WSDP-AG-000080
Search Bar “Processing Rule” >> Processing rule.
If “Rule Action” does not contain a “Filter” action, this is a finding.
M
2859