Skip to content

Commit

Permalink
Merge pull request #8606 from msm1992/4.2.0-7960
Browse files Browse the repository at this point in the history
[4.2.0] Fix regex for XPath Injection
  • Loading branch information
npamudika authored Nov 12, 2024
2 parents 107ac1d + 8447e33 commit d835da7
Showing 1 changed file with 1 addition and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ We recommend the following patterns for denying requests.
<tr class="even">
<td>XPath Injection</td>
<td>
<code>.*'.*|.*or.*|.*1=1.*|.*ALTER.*|.*ALTER TABLE.*|.*ALTER VIEW.*|</code><br />
<code>.*'.*|(?\u003C![\w\d])or(?![\w\d])|.*1=1.*|.*ALTER.*|.*ALTER TABLE.*|.*ALTER VIEW.*|</code><br />
<code>.*CREATE DATABASE.*|.*CREATE PROCEDURE.*|.*CREATE SCHEMA.*|</code><br />
<code>.*create table.*|.*CREATE VIEW.*|.*DELETE.*|.*DROP DATABASE.*|</code><br />
<code>.*DROP PROCEDURE.*|.*DROP.*|.*SELECT.*</code>
Expand Down

0 comments on commit d835da7

Please sign in to comment.