CVE-2020-5932

Summary

On BIG-IP ASM 15.1.0-15.1.0.5, a cross-site scripting (XSS) vulnerability exists in the BIG-IP ASM Configuration utility response and blocking pages. An authenticated user with administrative privileges can specify a response page with any content, including JavaScript code that will be executed when preview is opened.

Affected Software

VendorProductVersion RangeStatus
n/aBIG-IP ASM15.1.0-15.1.0.5affected

Weaknesses

  • XSS

ADP Enrichment

CVE Program Container

Additional References

References