CVE-2013-5976

Currently unrated

Key Information:

Vendor: F5
Status: Big-ip Access Policy Manager
Vendor: CVE Published:; 1 October 2013

Summary

Cross-site scripting (XSS) vulnerability in the access policy logout page (logout.inc) in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.1.0 through 11.3.0 allows remote attackers to inject arbitrary web script or HTML via the LastMRH_Session cookie.

References

http://secunia.com/advisories/54941

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id/1029079

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/62596

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Oct 1, 2013
Vulnerability Reserved
Oct 1, 2013