PT-2008-2167 · F5 · F5 Big-Ip Application Security Manager
Nnposter
·
Published
2008-02-01
·
Updated
2023-03-03
·
CVE-2008-0539
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
F5 BIG-IP Application Security Manager (ASM) version 9.4.3
Description
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the
report type parameter in the dms/policy/rep request.php file.Recommendations
For version 9.4.3, avoid using the
report type parameter in the affected API endpoint until the issue is resolved.Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
F5 Big-Ip Application Security Manager