Cross-Site Scripting Vulnerability in F5 Networks FirePass 1000 SSL VPN
CVE-2006-5416

Currently unrated

Key Information:

Vendor
F5
Vendor
CVE Published:
20 October 2006

Summary

The vulnerability exists in the my.acctab.php3 file of F5 Networks' FirePass 1000 SSL VPN 5.5 and possibly earlier versions, where remote attackers can exploit the sid parameter. By injecting arbitrary web script or HTML, attackers can manipulate the web browser behavior of unsuspecting users, potentially compromising sensitive information or executing unauthorized actions. This XSS flaw underscores the importance of robust input validation and sanitization in web applications to fortify against such attacks.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.