coreruleset.org/20240829/crs-versions-4.6.0-and-3.3.6-have-been-released
Preview meta tags from the coreruleset.org website.
Linked Hostnames
8- 18 links togithub.com
- 11 links tocoreruleset.org
- 1 link toowasp.org
- 1 link toowasp.slack.com
- 1 link totwitter.com
- 1 link towww.linkedin.com
- 1 link towww.youtube.com
- 1 link tox.com
Thumbnail
Search Engine Appearance
https://coreruleset.org/20240829/crs-versions-4.6.0-and-3.3.6-have-been-released
CRS versions 4.6.0 and 3.3.6 have been released
We have recently released version 4.6.0 for CRS 4, fixing a serious problem. As this problem affects CRS 3 as well, we also did a backport release for v3. ( …
Bing
CRS versions 4.6.0 and 3.3.6 have been released
https://coreruleset.org/20240829/crs-versions-4.6.0-and-3.3.6-have-been-released
We have recently released version 4.6.0 for CRS 4, fixing a serious problem. As this problem affects CRS 3 as well, we also did a backport release for v3. ( …
DuckDuckGo
https://coreruleset.org/20240829/crs-versions-4.6.0-and-3.3.6-have-been-releasedCRS versions 4.6.0 and 3.3.6 have been released
We have recently released version 4.6.0 for CRS 4, fixing a serious problem. As this problem affects CRS 3 as well, we also did a backport release for v3. ( …
General Meta Tags
10- titleCRS versions 4.6.0 and 3.3.6 have been released | CRS Project
- charsetutf-8
- viewportwidth=device-width,initial-scale=1
- Content-Security-Policyupgrade-insecure-requests
- descriptionWe have recently released version 4.6.0 for CRS 4, fixing a serious problem. As this problem affects CRS 3 as well, we also did a backport release for v3. ( …
Open Graph Meta Tags
7- og:urlhttps://coreruleset.org/20240829/crs-versions-4.6.0-and-3.3.6-have-been-released/
- og:site_nameCRS Project
- og:titleCRS versions 4.6.0 and 3.3.6 have been released
- og:descriptionWe have recently released version 4.6.0 for CRS 4, fixing a serious problem. As this problem affects CRS 3 as well, we also did a backport release for v3. (3.3.6). All users are requested to update to the new releases. The new releases tackle two multipart file upload bypass methods that were reported by @luelueking: Wrapping the Content-Disposition with non-printable characters like \x0e (e.g. “%0e Content-Disposition %0e”) may allow the header to go undetected by the WAF engine as it may not be correctly parsed. Inserting the character \ in a filename (e.g. “1.j\s\p”) may let the filename go undetected. The fixes introduced in both versions are the same:
- og:localeen
Twitter Meta Tags
4- twitter:cardsummary_large_image
- twitter:imagehttps://coreruleset.org/images/social-preview.svg
- twitter:titleCRS versions 4.6.0 and 3.3.6 have been released
- twitter:descriptionWe have recently released version 4.6.0 for CRS 4, fixing a serious problem. As this problem affects CRS 3 as well, we also did a backport release for v3. (3.3.6). All users are requested to update to the new releases. The new releases tackle two multipart file upload bypass methods that were reported by @luelueking: Wrapping the Content-Disposition with non-printable characters like \x0e (e.g. “%0e Content-Disposition %0e”) may allow the header to go undetected by the WAF engine as it may not be correctly parsed. Inserting the character \ in a filename (e.g. “1.j\s\p”) may let the filename go undetected. The fixes introduced in both versions are the same:
Link Tags
9- apple-touch-iconhttps://coreruleset.org/apple-touch-icon.png
- iconhttps://coreruleset.org/favicon.ico
- iconhttps://coreruleset.org/favicon.svg
- iconhttps://coreruleset.org/favicon-32x32.png
- preloadhttps://coreruleset.org/fonts/nunito-v25-latin-regular.woff2
Links
35- https://coreruleset.org
- https://coreruleset.org/blog
- https://coreruleset.org/docs/1-getting-started/1-1-crs-installation
- https://coreruleset.org/docs/3-about-rules/creating
- https://coreruleset.org/docs/6-development/6-1-contribution-guidelines