CVE-2020-5932

On BIG-IP ASM 15.1.0-15.1.0.5, a cross-site scripting (XSS) vulnerability exists in the BIG-IP ASM Configuration utility response and blocking pages. An authenticated user with administrative privileges can specify a response page with any content, including JavaScript code that will be executed when preview is opened.
References
Link Resource
https://support.f5.com/csp/article/K12002065 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*

Information

Published : 2020-10-29 04:15

Updated : 2020-11-09 03:08


NVD link : CVE-2020-5932

Mitre link : CVE-2020-5932

Products Affected
No products.
CWE