4.3
CVSSv2

CVE-2014-3959

Published: 03/06/2014 Updated: 19/10/2016
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 up to and including 11.5.1, AAM 11.4.0 up to and including 11.5.1 PEM 11.3.0 up to and including 11.5.1, PSM 11.2.1 up to and including 11.4.1, WebAccelerator and WOM 11.2.1 up to and including 11.3.0, and Enterprise Manager 3.0.0 up to and including 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters.