XSS_PATH
- The group contains XSS deny rules for HTTP paths.
- The security level Basic prevents injection of <script> and known HTML event handlers (e.g. "onload").
- The security level Standard prevents injection of JavaScript code in quoted context.
- The security level Strict prevents injection of JavaScript code in unquoted context.