Cross-site Scripting Vulnerability in F5 BIG-IP Application Security Manager
CVE-2015-1050
Currently unrated
Key Information:
- Vendor
- F5
- Vendor
- CVE Published:
- 15 January 2015
Summary
A cross-site scripting (XSS) vulnerability exists in F5 BIG-IP Application Security Manager (ASM) prior to version 11.6. This security flaw allows remote attackers to exploit the Response Body field during the new user account creation process, enabling them to inject arbitrary web scripts or HTML. Exploitation of this vulnerability can lead to unauthorized access and manipulation of user data, posing significant risks to application integrity and user safety. Organizations using affected versions are advised to upgrade to patched releases to mitigate this risk.
References
Timeline
Vulnerability published
Vulnerability Reserved