CVE-2014-3959: XSS

First published: Tue Jun 03 2014(Updated: )

Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Credit: cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/type
• agent/softwarecombine
• collector/mitre-cve
• source/MITRE
• agent/author
• agent/weakness
• agent/references
• agent/severity
• agent/last-modified-date
• agent/tags
• agent/description
• agent/event
• agent/first-publish-date
• vendor/f5
• canonical/f5 big-ip access policy manager
• version/f5 big-ip access policy manager/11.2.1
• version/f5 big-ip access policy manager/11.5.1
• canonical/f5 big-ip advanced firewall manager
• version/f5 big-ip advanced firewall manager/11.2.1
• version/f5 big-ip advanced firewall manager/11.5.1
• canonical/f5 big-ip analytics
• version/f5 big-ip analytics/11.2.1
• version/f5 big-ip analytics/11.5.1
• canonical/f5 big-ip application acceleration manager
• version/f5 big-ip application acceleration manager/11.4.0
• version/f5 big-ip application acceleration manager/11.5.1
• canonical/f5 big-ip application security manager
• version/f5 big-ip application security manager/11.2.1
• version/f5 big-ip application security manager/11.5.1
• canonical/f5 big-ip edge gateway
• version/f5 big-ip edge gateway/11.2.1
• version/f5 big-ip edge gateway/11.3.0
• canonical/f5 big-ip global traffic manager
• version/f5 big-ip global traffic manager/11.2.1
• version/f5 big-ip global traffic manager/11.5.1
• canonical/f5 big-ip link controller
• version/f5 big-ip link controller/11.2.1
• version/f5 big-ip link controller/11.5.1
• canonical/f5 big-ip local traffic manager
• version/f5 big-ip local traffic manager/11.2.1
• version/f5 big-ip local traffic manager/11.5.1
• canonical/f5 big-ip policy enforcement manager
• version/f5 big-ip policy enforcement manager/11.3.0
• version/f5 big-ip policy enforcement manager/11.5.1
• canonical/f5 big-ip protocol security module
• version/f5 big-ip protocol security module/11.2.1
• version/f5 big-ip protocol security module/11.4.1
• canonical/f5 big-ip wan optimization manager
• version/f5 big-ip wan optimization manager/11.2.1
• version/f5 big-ip wan optimization manager/11.3.0
• canonical/f5 big-ip webaccelerator
• version/f5 big-ip webaccelerator/11.2.1
• version/f5 big-ip webaccelerator/11.3.0
• canonical/f5 enterprise manager
• version/f5 enterprise manager/3.0.0
• version/f5 enterprise manager/3.1.1