Forum Discussion
boneyard
MVP
you can download a file here that lists the ID and the type of attack
https://devcentral.f5.com/s/articles/f5-rules-for-aws-waf-rule-id-to-attack-type-reference-33105
for c0ae2d87-48f1-4813-9e91-3e723f8d7b36 that is Server Side Code Injection
so there probably is something inside the excel file that looks like a server side code injection. which i can imagine for files as they can contain all kind of texts that triggers something like that.
perhaps someone from the AWS WAF team can provide more details.
Chisato_Horimiz
Dec 01, 2021Nimbostratus
Thank you for your Answer.