Описание
Cross-site scripting (XSS) vulnerability in the login interface (my.logon.php3) in F5 FirePass SSL VPN 5.5 through 5.5.2 and 6.0 through 6.0.3 allows remote attackers to inject arbitrary web script or HTML via a base64-encoded xcho parameter.
Cross-site scripting (XSS) vulnerability in the login interface (my.logon.php3) in F5 FirePass SSL VPN 5.5 through 5.5.2 and 6.0 through 6.0.3 allows remote attackers to inject arbitrary web script or HTML via a base64-encoded xcho parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-2119
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51064
- https://www.fox-it.com/nl/nieuws-en-events/nieuws/laatste-nieuws/nieuwsartikel/f5-firepass-cross-site-scripting-vulnerability/106
- https://www.fox-it.com/uploads/pdf/advisory_xss_f5_firepass.pdf
- http://osvdb.org/55040
- http://secunia.com/advisories/35418
- http://secunia.com/advisories/35426
- http://www.securityfocus.com/archive/1/504232/100/0/threaded
- http://www.securityfocus.com/bid/35312
- http://www.securitytracker.com/id?1022387
- http://www.vupen.com/english/advisories/2009/1570
Связанные уязвимости
nvd
больше 16 лет назад
Cross-site scripting (XSS) vulnerability in the login interface (my.logon.php3) in F5 FirePass SSL VPN 5.5 through 5.5.2 and 6.0 through 6.0.3 allows remote attackers to inject arbitrary web script or HTML via a base64-encoded xcho parameter.