Getting a lot of these errors...

Cut and paste from an email sent to me from the Server:

=========

Total impact: 10

Affected tags: xss, csrf

Variable: REQUEST.topic_text | Value: <p>Thank you Anthony that is a good start! Wulf: Sorry was not going to bother you about it and I figured I would post it here so I could get different ideas. SO What is your input? What else can I have him look for?</p>

Impact: 5 | Tags: xss, csrf

Description: Detects JavaScript with(), ternary operators and XML predicate attacks | Tags: xss, csrf | ID: 7

Variable: POST.topic_text | Value: <p>Thank you Anthony that is a good start! Wulf: Sorry was not going to bother you about it and I figured I would post it here so I could get different ideas. SO What is your input? What else can I have him look for?</p>

Impact: 5 | Tags: xss, csrf

Description: Detects JavaScript with(), ternary operators and XML predicate attacks | Tags: xss, csrf | ID: 7

REMOTE_ADDR: x.x.x.x

HTTP_X_FORWARDED_FOR:

HTTP_CLIENT_IP:

SCRIPT_FILENAME: /var/www/kz5/modules/boonex/forum/index.php

QUERY_STRING:

REQUEST_URI: /kz5/forum/

QUERY_STRING:

SCRIPT_NAME: /kz5/modules/boonex/forum/index.php

PHP_SELF: /kz5/modules/boonex/forum/index.php

Quote · 20 Jan 2010

In Control Panel > Advanced > Other, set Security Threshold to send report to 13 or higher, and to stop post higher as well. A -1 disables security checks (if that's what you want to call it)... it gives points for every " > < / ? : ; in no particular order, rhyme or reason.

Quote · 20 Jan 2010

Thanks for the advice, will make the adjustment and report back.

Again, thanks!

Quote · 20 Jan 2010

Total impact: 10 <--- that is the number you have to stay ahead of.

And if you like to copy 'n' paste articles etc., you may as well set the STOP threshold to 80+ or disable it; nothing more frustrating than hitting submit and nothing happening (and every time you hit submit it sends you another ATTACK STOPPED email).

Quote · 20 Jan 2010

Yea, I hear ya. After the 10th email, I decided something was pretty screwy.

I just put a "-1" in there, as you suggested. That should stifle it. :)

Quote · 20 Jan 2010

You may have to clear the cache after changing it, in case it didn't seem to "take".

Quote · 20 Jan 2010

Would you believe, I'm still getting them?

There are quite a few broken things on my system - some of them I just ignore. But there will come a time where I'm gonna have to ask someone from the programming team or a wiki on how to make them work. For now the basics suit me fine, but I don't expect to shell out any money so far for any type of "support/membership". :(

Quote · 27 Jan 2010

Would you believe, I'm still getting them?

There are quite a few broken things on my system - some of them I just ignore. But there will come a time where I'm gonna have to ask someone from the programming team or a wiki on how to make them work. For now the basics suit me fine, but I don't expect to shell out any money so far for any type of "support/membership". :(

Did you disable both security threshold settings? If not, that may be why you are still getting them. If you have, and they are indeed continuing, you can always do a database-dive.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
Quote · 27 Jan 2010

It's been quiet now... I just added a -1 in both fields...

Quote · 5 Feb 2010
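An added example (not part of the thread, and not Dolphin's or PHPIDS's own code): a small parser for the report layout pasted in the first post, showing that the total of 10 comes from one form field scored twice, once as REQUEST.topic_text and once as POST.topic_text. The sample report is constructed from that post with the value shortened, and the comparison in `triggers` is an assumption drawn from the replies (-1 disables, otherwise act at or above the setting).

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the emailed report (value shortened).
SAMPLE = """Total impact: 10
Affected tags: xss, csrf
Variable: REQUEST.topic_text | Value: <p>SO What is your input? What else can I have him look for?</p>
Impact: 5 | Tags: xss, csrf
Description: Detects JavaScript with(), ternary operators and XML predicate attacks | Tags: xss, csrf | ID: 7
Variable: POST.topic_text | Value: <p>SO What is your input? What else can I have him look for?</p>
Impact: 5 | Tags: xss, csrf
Description: Detects JavaScript with(), ternary operators and XML predicate attacks | Tags: xss, csrf | ID: 7
REMOTE_ADDR: x.x.x.x
"""

def parse_report(text):
    """Return (total_impact, hits); each hit is one 'Variable:' block."""
    total, hits = None, []
    for line in text.splitlines():
        line = line.strip()
        if m := re.match(r"Total impact: (-?\d+)$", line):
            total = int(m.group(1))
        elif m := re.match(r"Variable: (\w+)\.(\S+) \| Value: (.*)$", line):
            hits.append({"source": m.group(1), "field": m.group(2),
                         "value": m.group(3), "impact": 0, "rules": []})
        elif hits and (m := re.match(r"Impact: (\d+) \|", line)):
            hits[-1]["impact"] = int(m.group(1))
        elif hits and (m := re.search(r"\| ID: (\d+)$", line)):
            hits[-1]["rules"].append(int(m.group(1)))
    return total, hits

def distinct_impact(hits):
    """Score each (field, value) once, even if seen in both REQUEST and POST."""
    best = defaultdict(int)
    for h in hits:
        key = (h["field"], h["value"])
        best[key] = max(best[key], h["impact"])
    return sum(best.values())

def triggers(total, threshold):
    """Assumed semantics: -1 disables; otherwise act when total >= threshold."""
    return threshold != -1 and total >= threshold

if __name__ == "__main__":
    total, hits = parse_report(SAMPLE)
    print(total, distinct_impact(hits), triggers(total, 13), triggers(total, -1))
```

When triaging a batch of these emails, a reported total that is exactly double the distinct impact points to the same benign post being counted under both superglobals rather than to two separate findings.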
 
 