
How to filter unwanted email notification to AveksaAdmin

Question asked by Pooja Mehta Employee on Oct 18, 2016
Latest reply on Nov 13, 2017 by Justin Haines

There are more than 1K emails getting generated with the message "Embedded unicode null characters detected in incoming request. Possible XSS attack" or "Unsafe character detected in URL parameters. Possible XSS attack." These are getting generated as Admin errors:

Login ID: No active session, no user logged in.

Request: https://rsaviap1.int.acs529.com:8443/aveksa/main?Name1=&Pass1=&ScreenH=../../../../../../../../etc/passwd%00index.html&ScreenH=&ScreenW=&Submitted=Submitted

Referrer: null

Invalid string found in request parameter [ScreenH] with value [../../../../../../../../etc/passwdindex.html]

It seems there is an automated scan which runs periodically and generates these messages about XSS attacks. Are there any options to prevent just this class of admin error from generating an email / from notifying, or to restrict it to just one notification? Is there a way for the emails specific to Type - Security and Description like "Embedded unicode null characters detected in incoming request" or "Unsafe characters detected in URL parameters. Possible XSS attack" to be limited from sending, or for a single notification to be sent?

Has anyone encountered this issue?
