Описание
A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IQ Configuration utility that allows an attacker with the Administrator role to run JavaScript in the context of the currently logged-in user.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:f5:big-iq_centralized_management:8.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.0056
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-80
Связанные уязвимости
CVSS3: 6.8
github
больше 1 года назад
A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IQ Configuration utility that allows an attacker with the Administrator role to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
EPSS
Процентиль: 68%
0.0056
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-80