alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Miva Merchant Cross Site Scripting Attack"; flow:to_server,established; http.uri; content:"merchant.mv"; nocase; content:"customer_login"; nocase; pcre:"/customer_login.*\">/i"; reference:bugtraq,14828; reference:url,smallbusiness.miva.com/products/mia/; reference:url,www.frsirt.com/english/advisories/2005/1758; classtype:web-application-activity; sid:2002371; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, signature_severity Major, tag XSS, tag Cross_Site_Scripting, updated_at 2020_09_03;)