Robert_Shortley
Aug 13, 2015Nimbostratus
ASM Reading PDF Content as Attack from Multipart/Form-data Web Form Upload
I have one site that I'm trying ASM on, and uploading a PDF from a FILE input in a multipart/form-data web form is triggering a SQL Injection blockage from the ASM.
The ASM seems to be choking on the binary stream of the contents of the file.
Is there a way to keep this from happening enterprise wide, with a mixture of COTS products and custom code, for multiple web sites & applications?
Request Status: Blocked, Truncated Severity: Error Violation Rating: 2 - Request looks like a false positive but requires examination Response Status Code: N/A Attack Types: Detection Evasion, Server Side Code Injection, SQL-Injection