exploitDog

CVE-2012-2975

Опубликовано: 11 сент. 2012

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the traffic overview page on the F5 ASM appliance 10.0.0 through 11.2.0 HF2 allows remote attackers to inject arbitrary web script or HTML via crafted requests that are later listed on a summary page.

Ссылки

http://www.kb.cert.org/vuls/id/143395
US Government Resource
https://support.f5.com/kb/en-us/solutions/public/13000/800/sol13838.html
http://www.kb.cert.org/vuls/id/143395
US Government Resource
https://support.f5.com/kb/en-us/solutions/public/13000/800/sol13838.html

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:f5:application_security_manager_appliance:10.0.0:*:*:*:*:*:*:*

cpe:2.3:h:f5:application_security_manager_appliance:11.2.0:hf2:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00722

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-g6vv-436m-7g7c

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in the traffic overview page on the F5 ASM appliance 10.0.0 through 11.2.0 HF2 allows remote attackers to inject arbitrary web script or HTML via crafted requests that are later listed on a summary page.

EPSS

Процентиль: 72%

0.00722

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79