K00432398 : BIG-IP TMUI XSS vulnerability CVE-2019-6626

Security Advisory Description

A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility. (CVE-2019-6626)

Impact

If a targeted administrative user accesses the Configuration utility for one of the affected modules, an attacker can run commands as the administrative user.