Back to search
CVE-2008-0265
Published: Jan 15, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Search function in the web management interface in F5 BIG-IP 9.4.3 allow remote attackers to inject arbitrary web script or HTML via the SearchString parameter to (1) list_system.jsp, (2) list_pktfilter.jsp, (3) list_ltm.jsp, (4) resources_audit.jsp, and (5) list_asm.jsp in tmui/Control/jspmap/tmui/system/log/; and (6) list.jsp in certain directories.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1019190
vdb-entry
x_refsource_SECTRACK
ADV-2008-0181
vdb-entry
x_refsource_VUPEN
f5bigip-searchstring-xss(39632)
vdb-entry
x_refsource_XF
3545
third-party-advisory
x_refsource_SREASON
28505
third-party-advisory
x_refsource_SECUNIA
20080114 F5 BIG-IP Web Management List Search XSS
mailing-list
x_refsource_BUGTRAQ
27272
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now