Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
F5 Traffix SDC 跨站脚本漏洞
Vulnerability Description
F5 Traffix Signaling Delivery Controller(F5 Traffix SDC)是美国F5公司的一种信令交付控制器。用于为运营商提供全面的连接性、无限的可扩展性和全面的控制。 F5 Traffix SDC 存在跨站脚本漏洞,经过身份验证的攻击者利用此漏洞可以通过在 Traffix SDC 配置实用程序中存储恶意 HTML 或 JavaScript 代码。以下产品和版本受到影响:5.2.2 之前的5.2.x 版本和 5.1.35 之前的 5.1.x 版本。
CVSS Information
N/A
Vulnerability Type
N/A