Forum Discussion

khos77's avatar
Icon for Nimbostratus rankNimbostratus
Jul 20, 2022

F5 rules for AWS WAF

I have enabled the OWASP top 10 ruleset on one of our AWS WAFs however we are still seeing a High vulnerability for Reflected Cross-Site Scripting (XSS) in HTTP Header. Specifically in the cookie's cc_mode parameter.

I am looking for a way to protect against this type of attack.