CVE-2025-24320

Name of the Vulnerable Software and Affected Versions: BIG-IP Configuration utility (affected versions not specified)

Description: A stored cross-site scripting (XSS) issue exists in an undisclosed page of the BIG-IP Configuration utility, allowing an attacker to run JavaScript in the context of the currently logged-in user. This issue is due to an incomplete fix. The estimated number of potentially affected devices worldwide is not available. Details about real-world incidents where this issue was exploited are not provided.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.