Cross-Site Scripting Vulnerability in F5 FirePass SSL VPN
CVE-2009-2119

Currently unrated

Key Information:

Vendor

F5
Status
Firepass Ssl Vpn
Vendor
CVE Published:
18 June 2009

What is CVE-2009-2119?

The F5 FirePass SSL VPN is vulnerable to a cross-site scripting (XSS) attack via the login interface (my.logon.php3). This vulnerability allows remote attackers to inject arbitrary web scripts or HTML through a base64-encoded xcho parameter, potentially leading to unauthorized access and exploitation of user sessions. This highlights the importance of rigorous input validation and proper sanitization methods in web applications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/35418
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/35426
third-party-advisoryx_refsource_SECUNIA
https://www.fox-it.com/nl/nieuws-en-events/nieuws/laatste...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.