On BIG-IP ASM 15.1.0-15.1.0.5, a cross-site scripting (XSS) vulnerability exists in the BIG-IP ASM Configuration utility response and blocking pages. An authenticated user with administrative privileges can specify a response page with any content, including JavaScript code that will be executed when preview is opened.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
f5 big-ip application security manager |