A reflected cross-site scripting (XSS) vulnerability exists in the FirePass logon page. The affected FirePass logout URL fails to fully sanitize URL input before the web page content is sent to the browser, so a value supplied in the URL can be returned in the page as HTML or script rather than as inert text.
An attacker can craft a hyperlink to the vulnerable FirePass page whose URL carries script or other malicious data, and deliver it in a web page or email. If you follow the hyperlink to log in to the FirePass controller, the affected page is returned to your browser with the malicious content embedded in it, and any script it contains runs in the context of the FirePass site. This could result in malicious code execution on the client side, disclosure of sensitive information (including anything entered on the logon page), or other exploits.
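The bug class described above, as an added example that is not FirePass code (the FirePass page source is not public): a hypothetical logon page handler that echoes a URL parameter into its HTML unencoded, the same handler with the parameter HTML-encoded, and a check that classifies how a benign probe string comes back in a response body. The host name, the /logon path and the msg parameter are assumed for illustration; the probe is constructed and does nothing beyond proving that markup survives reflection.

```python
"""Reflected XSS via a URL parameter: vulnerable vs. hardened rendering,
plus a reflection check a tester can run over a captured response body.

Added example. The page, path and parameter name are hypothetical stand-ins,
not FirePass code or FirePass URLs.
"""
from html import escape
from urllib.parse import parse_qs, quote, urlsplit

# Benign probe: closes a quoted attribute value and opens a new tag. If it
# comes back byte-for-byte, the page reflects input into HTML unencoded.
PROBE = '"><svg onload=alert(1)>'


def get_param(url, name):
    """Return the first URL-decoded value of a query parameter, or ''."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def build_probe_url(base, param, probe=PROBE):
    """Build the link an attacker would distribute: probe URL-encoded into a parameter."""
    return f"{base}?{param}={quote(probe, safe='')}"


def render_logon_vulnerable(url):
    """Hypothetical logon page that echoes 'msg' into text and attribute context unencoded."""
    msg = get_param(url, "msg")
    return (
        "<html><body>"
        f'<p class="notice">{msg}</p>'
        '<form method="post" action="/logon">'
        f'<input name="msg" type="hidden" value="{msg}">'
        '<input name="user"><input name="pass" type="password">'
        "</form></body></html>"
    )


def render_logon_hardened(url):
    """Same page with the parameter HTML-encoded; quote=True also covers attribute values."""
    msg = escape(get_param(url, "msg"), quote=True)
    return (
        "<html><body>"
        f'<p class="notice">{msg}</p>'
        '<form method="post" action="/logon">'
        f'<input name="msg" type="hidden" value="{msg}">'
        '<input name="user"><input name="pass" type="password">'
        "</form></body></html>"
    )


def classify_reflection(body, probe=PROBE):
    """Classify how a probe came back: 'reflected-unescaped', 'reflected-escaped' or 'not-reflected'.

    Partial encoding (quotes only, angle brackets left alone) still leaves the
    injected tag intact, so the tag fragment on its own also counts as unescaped.
    """
    tag = probe[probe.index("<"):]
    if probe in body or tag in body:
        return "reflected-unescaped"
    if escape(probe, quote=True) in body:
        return "reflected-escaped"
    return "not-reflected"


if __name__ == "__main__":
    link = build_probe_url("https://vpn.example.test/logon", "msg")
    print("probe link :", link)
    print("vulnerable :", classify_reflection(render_logon_vulnerable(link)))
    print("hardened   :", classify_reflection(render_logon_hardened(link)))
```

To use the check against a real target, fetch the probe URL with any HTTP client and pass the response body to classify_reflection; a result of reflected-unescaped is the condition the advisory describes. The check is a heuristic for HTML context only: a parameter reflected inside an existing script block or a URL attribute needs a context-specific probe and encoder, and HTML encoding alone is not sufficient there.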
F5 Product Development tracked this issue as CR66767 and CR68628, and it was fixed in FirePass 5.5.2 and 6.0.1. For information about upgrading, refer to the FirePass Release Notes.
F5 would like to acknowledge Michael Ligh (http://mnin.org) and Greg Sinclair (firstname.lastname@example.org) for their efforts in identifying this issue.