False positive - PrestaShop

  1. 243420
  2. deprecated 1.7
  3. [Mon Oct 16 14:09:58.502253 2017] [:error] [pid 98614:tid 140320167335680] [client x.x.x.x] [client x.x.x.x] ModSecurity: Access denied with code 403 (phase 3). Match of “validateByteRange 0-31” against “ARGS:form[step1][description_short][1]” required. [file “/var/cpanel/cwaf/rules/32_Apps_OtherApps.conf”] [line “4254”] [id “243420”] [rev “1”] [msg “COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||x|F|2”] [severity “CRITICAL”] [tag “CWAF”] [tag “OtherApps”] [hostname “x”] [uri “/admin123/index.php/product/form/341”] [unique_id “WeShlUcbPU2u5uciSofbeQAAAAE”],


if you suppose it’s false positive, please, just exclude this rules.