[CPANEL-28481] ModSecurity Rules Containing JavaScript Break WHM >> ModSecurity Tools UI
Since upgrading to WHM v82.0.6 when clicking on the modsecurity tools tab instead of seeing the errors I get a popup box saying XSS. clicking the popup reveals some form of code. Sorry I'm a hobbyist and never ran into this before. The site shown is working OK as far as i can tell.
Curious if this is a bug in v82.0.6 or did i get whacked? Tried deleting 'SpiderLabs OWASP curated ModSecurity rule set' and reinstalling but it made no difference.
Screenshot of what I'm seeing is below.
Much Obliged :)
-
Thats strange. 0 -
Hello :) The following case is included with cPanel & WHM version 82.0.7 and should address the reported issue: Fixed case CPANEL-28481: Ensure we escape '<' correctly when stringifying JSON in Template Toolkit.
Let us know if the issue persists after updating to version 82.0.7 or newer. Thank you.0
Please sign in to leave a comment.
Comments
2 comments