Evasion attempt using twice-encoded dot character


Description   Special characters in a URL may be encoded using the %xx encoding. Some attacks use double encoding to evade signature protection.
This alarm might also be raised when a URL is passed as a parameter twice and encoded each time.
     
Default configuration
Profiles      High    Medium   Low      Internet
Action        Block   Pass     Pass     Pass
Alarm Level   Minor   Minor    Ignore   Ignore
     
References   CVE: CVE-2001-0333
Secunia: 13239
     
Available since   ASQ v3.2.0
     
Protects   Datalife Engine "dle_config_api" Parameter File Inclusion Vulnerability
Apache Tomcat JK Connector Double Encoded Dot Dot Security Bypass Vulnerability
100 last CVE   CVE-2009-3055
CVE-2007-1860


 
 
 
 
Risk level   Moderate
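
The check described above can be sketched as follows. This is an added example, not the ASQ engine's own logic: it decodes each URL component once and reports any dot that is still percent-encoded afterwards. The function name and the sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# After ONE percent-decoding pass, a dot that was encoded twice is still "%2e".
ENCODED_DOT = re.compile(r"%2e", re.IGNORECASE)


def twice_encoded_dots(url):
    """Return (component, offset) for each dot still encoded after one decode.

    Offsets index into the once-decoded component. A single-encoded "%2e"
    becomes "." after the first pass and is therefore not reported here.
    """
    parts = urlsplit(url)  # splits only; performs no decoding
    hits = []
    for name, raw in (("path", parts.path), ("query", parts.query)):
        once = unquote(raw)
        hits.extend((name, m.start()) for m in ENCODED_DOT.finditer(once))
    return hits


# Constructed sample requests (not taken from real traffic).
SAMPLES = [
    "/static/%2e%2e/admin",        # encoded once: outside this alarm's scope
    "/static/%252e%252e/admin",    # encoded twice in the path
    "/static/%25%32%65/admin",     # every character of "%2e" encoded again
    "/go?next=http%253A%252F%252Fwww%252Eexample%252Ecom%252F",  # nested URL
]

if __name__ == "__main__":
    for s in SAMPLES:
        hits = twice_encoded_dots(s)
        print("ALARM" if hits else "pass ", s, hits)
```

Hits reported in the query component, as in the last sample, are where the re-encoded URL parameter case from the description shows up and are worth reviewing before treating the request as an evasion attempt.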