Carefully crafted URLs can be used to reflect arbitrary content into GeoIP lookup responses, potentially exposing clients to XSS. (CVE-2018-5521)
Impact
BIG-IP
Clients accessing the affected system may be exposed to cross-site scripting (XSS) attacks. This vulnerability does not affect data plane traffic.
BIG-IQ / F5 iWorkflow / Enterprise Manager / ARX / LineRate / Traffix SDC
There is no impact; these F5 products are not affected by this vulnerability.