Cross-Site-Scripting (XSS) vulnerabilities in F5 WebSafe Dashboard allow privileged authenticated users to inject arbitrary web script or HTML when creating a new user, account or signature. (CVE-2016-5236)
Impact
An attacker with a privileged account may be able to inject arbitrary web script or HTML into F5 WebSafe Dashboard.
CPE | Name | Operator | Version |
---|---|---|---|
big-ip afm | eq | 11.4.0 | |
big-ip afm | eq | 11.4.1 | |
big-ip afm | eq | 11.5.0 | |
big-ip afm | eq | 11.5.1 | |
big-ip afm | eq | 11.5.2 | |
big-ip afm | eq | 11.5.3 | |
big-ip afm | eq | 11.5.4 | |
big-ip afm | eq | 11.6.0 | |
big-ip afm | eq | 11.6.1 | |
big-ip afm | eq | 12.0.0 |