N/A

On BIG-IP AFM version 15.1.x before 15.1.1, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.5, authenticated users accessing the Configuration utility for AFM are vulnerable to a cross-site scripting attack if they attempt to access a maliciously-crafted URL. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.

N/A

N/A

F5 BIG-IP AFM 跨站脚本漏洞

F5 BIG-IP AFM是美国F5公司的一款用于防护DDos攻击的高级防火墙产品。 BIG-IP AFM中存在跨站脚本漏洞，该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。

N/A

N/A