XSS Vulnerability in F5 FirePass SSL VPN Product
CVE-2008-2030

Currently unrated

Key Information:

Vendor
F5
Vendor
CVE Published:
30 April 2008

Summary

A cross-site scripting vulnerability exists in the installControl.php3 file of F5 FirePass 4100 SSL VPN, impacting versions 5.4.2 to 6.2. This flaw enables remote attackers to inject arbitrary web scripts or HTML into the application via the query string. If exploited, this vulnerability could allow attackers to manipulate user data or potentially escalate their privileges within a compromised session.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.