Rule History

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Horde XSS attempt colorpicker.php"; flow:to_server,established; http.uri; content:"/horde/services/images/colorpicker.php?"; nocase; pcre:"/colorpicker\x2Ephp\x3F[^\x0A\x0D]*(form|target)\x3D[^\x0A\x0D\x26]*[\x3E\x3C\x29\x22\x27\x3B]/i"; reference:url,bugs.horde.org/ticket/8399; classtype:web-application-attack; sid:2009494; rev:9; metadata:created_at 2010_07_30, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_09_11;)