Description

As per latest PCI standards: https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0_1.pdf, the related information for the versions we are using in CRS rules has changed.

Given that the PCI DSS standard is evolving and WAFs are basically part of the requirements now, there is little sense in tagging individual rules.

Remove the PCI DSS tags from all rules.

A blog post (separate issue) should be written to explain the change and the relationship between WAF and PCI DSS.