Ok guys, anyone?
With best regards,
I would be more worried that your own code is being detected as an actual known exploit rather than generic script blocking but that's another question for another time.
A couple of thoughts
1. What are you testing it on? Don't forget that there are two places to put the exclusion one for workstations and one for servers
2. Aren't exclusions supposed to be just the domain name? https://kc.mcafee.com/corporate/index?page=content&id=KB65382
Our research department is developing some web applications.
I think they have solved it in the code, but I need to get info from a reasearcher whos is currently away.
i have excluded on workstations because currently then don't test it on servers.
changes in the code of webbapplication did the trick.