AWS waf high security documentation change
Summary
Added entry for Core Rule Set (CRS) update v1.17 with improved XSS detection signatures across multiple attack vectors.
Security assessment
Explicitly documents security improvements to XSS detection rules, indicating proactive security hardening against cross-site scripting vulnerabilities.
Diff
diff --git a/waf/latest/developerguide/aws-managed-rule-groups-changelog.md index 63cbe1070..f318a3cb8 100644 --- a/waf/latest/developerguide/aws-managed-rule-groups-changelog.md +++ b/waf/latest/developerguide/aws-managed-rule-groups-changelog.md @@ -16,0 +17,8 @@ Rule group and rules | Description | Date +[Core rule set (CRS) managed rule group](./aws-managed-rule-groups-baseline.html#aws-managed-rule-groups-baseline-crs) + + * `CrossSiteScripting_BODY` + * `CrossSiteScripting_COOKIE` + * `CrossSiteScripting_QUERYARGUMENTS` + * `CrossSiteScripting_URIPATH` + +| Released static version 1.17 of this rule group. Improved detection signatures for the cross site scripting rules. | 2023-03-03