<filters>
    <xfilter>
        <id>1</id>
        <rule><![CDATA[(?:"+.*>)|(?:[^\w\s]\s*\/>)|(?:>")]]></rule>
        <description>finds html breaking injections including whitespace attacks</description>
        <tags>
            <tag>xss</tag>
            <tag>csrf</tag>
        </tags>
        <impact>4</impact>
    </xfilter>
</filters>