[wp-trac] [WordPress Trac] #53783: Visiting Widgets Is Blocking Access To My Server

WordPress Trac noreply at wordpress.org
Mon Jul 26 12:13:05 UTC 2021 

#53783: Visiting Widgets Is Blocking Access To My Server
--------------------------+------------------------------
 Reporter:  inkwellcd     |       Owner:  (none)
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Widgets       |     Version:  5.8
 Severity:  blocker       |  Resolution:
 Keywords:  needs-patch   |     Focuses:
--------------------------+------------------------------
Description changed by sabernhardt:

Old description:

> Any time I visit widgets with my current host I get blocked from visiting
> all of my websites on the server.
>
> Here are the details:
>
> triggering a mod security rule as below:
>
>  941160 Warning. Pattern match \"(?i:(?:<\\w[\\s\\S]*[\\s\\/]|\'\\"
> ?)(?:on(?:d(?:e(?:vice(?:(?:orienta|mo)tion|proximity|found|light)|livery(?:success|error)|activate)|r(?:ag(?:e(?:n(?:ter|d)|xit)|(?:gestur|leav)e|start|drop|over)|op)|i(?:s(?:c(?:hargingtimechange
> ...\" at REQUEST_HEADERS:Referer. [file
> \"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-941
> -APPLICATION-ATTACK-XSS.conf\"] [line \"199\"] [id \"941160\"] [msg
> \"NoScript XSS InjectionChecker: HTML Injection\"] [data \"Matched Data:
> \x0d\x0a 2021-07-24 18:22:36

New description:

 Any time I visit widgets with my current host I get blocked from visiting
 all of my websites on the server.

 Here are the details:

 triggering a mod security rule as below:
 {{{
  941160 Warning. Pattern match \"(?i:(?:<\\w[\\s\\S]*[\\s\\/]|\'\\"
 ?)(?:on(?:d(?:e(?:vice(?:(?:orienta|mo)tion|proximity|found|light)|livery(?:success|error)|activate)|r(?:ag(?:e(?:n(?:ter|d)|xit)|(?:gestur|leav)e|start|drop|over)|op)|i(?:s(?:c(?:hargingtimechange
 ...\" at REQUEST_HEADERS:Referer. [file
 \"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-941
 -APPLICATION-ATTACK-XSS.conf\"] [line \"199\"] [id \"941160\"] [msg
 \"NoScript XSS InjectionChecker: HTML Injection\"] [data \"Matched Data:
 \x0d\x0a 2021-07-24 18:22:36
 }}}

--

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/53783#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list