Eric Aeby

Forum Replies Created

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • December 22, 2019 at 8:46 pm in reply to: Can’t save changes with SKT builder #141817
    Eric AebyEric Aeby
    Participant
    • Topics: 1
    • Replies: 2
    • Total: 3
    Member since: December 10, 2019

    Hi, Unfortunately this didn’t help and it is still impossible to save changes.
    I identified the problem:

    On the query: “/wp-admin/admin-ajax.php?action=sktbuilder_save_page_data” posted json contains too many repetitive back slash (\\\) and this is matching with some XSS filter security rules (see below). Can you please edit your code and correct it? Thanks

    ModSecurity: Access denied with code 510 (phase 2). Pattern match “(?i:<style.*?>.*?((@[i\\\\\\\\])|(([:=]|(&#x?0*((58)|(3A)|(61)|(3D));?)).*?([(\\\\\\\\]|(&#x?0*((40)|(28)|(92)|(5C));?)))))” at ARGS:data.html. [file “/usr/share/modsecurity-crs/activated_rules/modsecurity_crs_41_xss_attacks.conf”] [line “474”] [id “973315”] [rev “2”] [msg “IE XSS Filters – Attack Detected.”] [data “Matched Data: <style> .skt-builder-shape-column-33:hover .skt-builder-column-bg{background-color:#e64d43 !important;} .skt-builder-shape-column-33:hover .skt-builder-shape-column-title, .skt-builder-shape-column-33:hover .skt-builder-shape-column-text, .skt-builder-shape-column-33:hover .skt-builder-shape-column-text a{color:#ffffff !important;} .skt-builder-shape-column-33:hover .diamondshape span{color:#ffffff !important;} </style> <div class=\\x22skt-builder-column-inner\\x22> <div class=\\x22diamondshap…”] [ver “OWASP_CRS/2.2.9”] [maturity “8”] [accuracy “8”] [tag “OWASP_CRS/WEB_ATTACK/XSS”] [tag “WASCTC/WASC-8”] [tag “WASCTC/WASC-22”] [tag “OWASP_ [hostname “deeperdiving.ch”] [uri “/wp-admin/admin-ajax.php”] [unique_id “Xf@UMH8AAAEAAFH5s5AAAAAF”]

    Here is one example (several positions need to be corrected)

    <style> \\r\\n .skt-builder-shape-column-37:hover .skt-builder-column-bg{background-color:#e64d43 !important;}\\r\\n .skt-builder-shape-column-37:hover .skt-builder-shape-column-title,\\r\\n .skt-builder-shape-column-37:hover .skt-builder-shape-column-text,\\r\\n\\t\\t\\t\\t\\t\\t .skt-builder-shape-column-37:hover .skt-builder-shape-column-text a{color:#ffffff !important;}\\r\\n .skt-builder-shape-column-37:hover .diamondshape span{color:#ffffff !important;}\\r\\n </style>\\r\\n <div class=\\\”skt-builder-column-inner\\\”>\\r\\n

    December 16, 2019 at 9:13 pm in reply to: Can’t save changes with SKT builder #141488
    Eric AebyEric Aeby
    Participant
    • Topics: 1
    • Replies: 2
    • Total: 3
    Member since: December 10, 2019

    I tried deactivating all plugins, deleting cache… but it didn’t help…
    Also my site is still empty (meaning it is still the unmodified template)

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)