Software 42839 Published by

OWASP CRS v4.7.0 is a collection of attack detection rules that are designed to be compatible with ModSecurity or other web application firewalls. The latest version includes new features such as the addition of sendgrid.env to restricted files, modifying the regex to match multiple whitespaces, updating XSS detection, and code refactoring.



OWASP CRS v4.7.0

What's Changed

:new: New features and detections :tada:

  • feat: added sendgrid.env into restricted files by  @azurit in  #3823

:toolbox: Other Changes

  • fix: Changed regex (920470) to match multiple whitespaces after Content-Type parameters to avoid false-positives by  @lostmann-owl-it in  #3818
  • fix: fp with user-agent containing ; pg (932239 PL2) by  @franbuehler in  #3727
  • fix: update xss detection with onwebkitplaybacktargetavailabilitychanged event by  @fzipi in  #3822
  • feat: refactoring (944110 PL1) by  @azurit in  #3715

New Contributors

Full Changelog v4.6.0...v4.7.0

Release v4.7.0 · coreruleset/coreruleset