Cross-site scripting (XSS) vulnerability in the login interface (my.logon.php3) in F5 FirePass SSL VPN 5.5 up to and including 5.5.2 and 6.0 up to and including 6.0.3 allows remote malicious users to inject arbitrary web script or HTML via a base64-encoded xcho parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 firepass ssl vpn 5.5.2 |
||
f5 firepass ssl vpn 6.0.2 |
||
f5 firepass ssl vpn 6.0.3 |
||
f5 firepass ssl vpn 5.5 |
||
f5 firepass ssl vpn 5.5.1 |
||
f5 firepass ssl vpn 6.0 |
||
f5 firepass ssl vpn 6.0.1 |