Software 42839 Published by

The OWASP CRS v4.6.0 is a collection of attack detection rules designed for ModSecurity or compatible web application firewalls. It's all about keeping web applications safe from a range of attacks, including the notorious OWASP Top Ten, while keeping false alarms to a minimum. Some of the highlights in this release are the prevention of backslashes in file names, the addition of an invalid character in multipart headers, an update to 932270's version, and the inclusion of pem in the list of restricted file extensions.



OWASP CRS v4.6.0

What's Changed

:star: Important changes

Big thanks tu  @luelueking for reporting us these two :index_pointing_up:️ .

:toolbox: Other Changes

New Contributors

Full Changelog:  v4.5.0...v4.6.0

Release v4.6.0 · coreruleset/coreruleset