Cross-Site Scripting Vulnerability in F5 BIG-IP Application Security Manager
CVE-2008-0539

Currently unrated

Key Information:

Vendor: F5
Status: Big-ip Application Security Manager
Vendor: CVE Published:; 1 February 2008

Summary

A cross-site scripting vulnerability exists in the dms/policy/rep_request.php file of F5 BIG-IP Application Security Manager 9.4.3. This flaw permits remote attackers to inject arbitrary web scripts or HTML through the 'report_type' parameter, potentially compromising the security of the application and exposing sensitive information to malicious parties.

References

http://www.securityfocus.com/bid/27462

vdb-entryx_refsource_BID

http://www.securitytracker.com/id?1019276

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/archive/1/487118/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Feb 1, 2008
Vulnerability Reserved
Feb 1, 2008