Description
Cross-site scripting (XSS) vulnerability in dms/policy/rep_request.php in F5 BIG-IP Application Security Manager (ASM) 9.4.3 allows remote attackers to inject arbitrary web script or HTML via the report_type parameter.
Affected products
- F5 / big-ip_application_security_manager9.2.0 – 9.2.5
- F5 / big-ip_application_security_manager9.3.0 – 9.3.0
References
- MISChttp://www.securityfocus.com/bid/27462
- MISChttp://www.securitytracker.com/id?1019276
- MISChttp://www.securityfocus.com/archive/1/487118/100/0/threaded
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/39979
- VENDOR_ADVISORYhttp://secunia.com/advisories/28655
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/0301
- MISChttp://www.securityfocus.com/archive/1/489290/100/0/threaded
- MISChttp://securityreason.com/securityalert/3602
- MISChttp://www.securityfocus.com/bid/28151