App Gateway - OWASP Changelog: 3.1 → 3.2
Generated: 05 July 2026 | Base: 3.1 | Target: 3.2
Summary: 6 added · 2 removed · 1 changed
Added Rules
| Rule ID |
Rule Group Name |
Description |
Action |
State |
| 200002 |
General |
Failed to Parse Request Body. |
AnomalyScoring |
Enabled |
| 200003 |
General |
Multipart Request Body Strict Validation. |
AnomalyScoring |
Enabled |
| 933200 |
REQUEST-933-APPLICATION-ATTACK-PHP |
PHP Injection Attack: Wrapper scheme detected |
AnomalyScoring |
Enabled |
| 933210 |
REQUEST-933-APPLICATION-ATTACK-PHP |
PHP Injection Attack: Variable Function Call Found |
AnomalyScoring |
Enabled |
| 941360 |
REQUEST-941-APPLICATION-ATTACK-XSS |
JavaScript obfuscation detected. |
AnomalyScoring |
Enabled |
| 942500 |
REQUEST-942-APPLICATION-ATTACK-SQLI |
MySQL in-line comment detected. |
AnomalyScoring |
Enabled |
Removed Rules
| Rule ID |
Rule Group Name |
Description |
Action |
State |
| 920130 |
REQUEST-920-PROTOCOL-ENFORCEMENT |
Failed to parse request body. |
AnomalyScoring |
Enabled |
| 920140 |
REQUEST-920-PROTOCOL-ENFORCEMENT |
Multipart request body failed strict validation: PE %{REQBODY_PROCESSOR_ERROR}, BQ %{MULTIPART_BOUNDARY_QUOTED}, BW %{MULTIPART_BOUNDARY_WHITESPACE}, DB %{MULTIPART_DATA_BEFORE}, DA %{MULTIPART_DATA_AFTER}, HF %{MULTIPART_HEADER_FOLDING}, LF %{MULTIPART_LF_LINE}, SM %{MULTIPART_SEMICOLON_MISSING}, IQ %{MULTIPART_INVALID_QUOTING}, IH %{MULTIPART_INVALID_HEADER_FOLDING}, FLE %{MULTIPART_FILE_LIMIT_EXCEEDED} |
AnomalyScoring |
Enabled |
Changed Rules
| Rule ID |
Rule Group |
Field |
Before |
After |
| 800100 |
Known-CVEs |
Description |
Rule to help detect and mitigate log4j vulnerability - CVE-2021-44228 |
Rule to help detect and mitigate log4j vulnerability - CVE-2021-44228, CVE-2021-45046 |