Disables WAF rule on cust sh that is blocking drill downs

To be tagged v5.3.2

base/splunk_servers/customer_searchhead/waf.tf

@@ -13,6 +13,7 @@ module "waf" {
   )
 
   excluded_rules_AWSManagedRulesCommonRuleSet = [
+    "CrossSiteScripting_BODY",
     "SizeRestrictions_BODY",
     "SizeRestrictions_QUERYSTRING",
     "RestrictedExtensions_URIPATH",