Last Modified: Dec 18, 2024
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6
Opened: Mar 15, 2022 Severity: 3-Major
In some cases, when using Bot Defense Browser Verification, the application <meta charset> tag may be ignored.
Random meta chars are viewed in the web page.
-- Bot Defense Profile is attached to a virtual server. -- Bot Defense "Browser Verification" is configured to "Verify Before Access" or "Verify After Access" -- Backend application uses non-standard charset.
Run the command: tmsh modify sys db dosl7.parse_html_inject_tags value "after,body"
None