CVE-2026-20732 BIG-IP Configuration utility vulnerability

A vulnerability exists in an undisclosed BIG-IP Configuration utility page that may allow an attacker to spoof error messages. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-20732 BIG-IP Configuration utility vulnerability

A vulnerability exists in an undisclosed BIG-IP Configuration utility page that may allow an attacker to spoof error messages. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

EUVD-2025-34674

A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of BIG-IP APM that allows an attacker to run JavaScript in the context of the targeted logged-out user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-61933

A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of BIG-IP APM that allows an attacker to run JavaScript in the context of the targeted logged-out user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-59269

A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-59269

A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 BIG-IP 跨站脚本漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 USA. A cross-site scripting vulnerability exists in F5 BIG-IP that stems from the presence of reflective cross-site scripting on an...

F5 BIG-IP 跨站脚本漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 Corporation. A cross-site scripting vulnerability exists in F5 BIG-IP that stems from the presence of stored cross-site scripting o...

CVE-2025-24320

A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. This vulnerability is due to an incomplete fix for CVE-2024-31156...

F5 BIG-IP SQL Injection Vulnerability

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 USA. F5 BIG-IP suffers from an SQL injection vulnerability that originates from an SQL injection vulnerability in an undisclosed pa...

Digital Alert Systems DASDEC EAS 跨站脚本漏洞

Digital Alert Systems DASDEC EAS is a digital alert system from Digital Alert Systems in the United States. A cross-site scripting vulnerability exists in all current versions of Digital Alert Systems DASDEC, which stems from a lack of effective filtering and escaping of user-supplied data on an...

CVE-2022-27878

On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP, and F5 BIG-IP Guided Configuration GC all versions prior to 9.0, a stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute...

CVE-2022-1389

On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP fixed in 17.0.0, a cross-site request forgery CSRF vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This vulnerability allows an attacker to run a limited set of commands: ping,...

CVE-2022-28707

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x versions prior to 14.1.4.6, a stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility also referred to as the BIG-IP TMUI that allows an attacker t...

F5 BIG-IQ 跨站脚本漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A cross-site scripting vulnerability exists in BIG-IQ, which could be exploited by an attacker using a specially crafted URL to reflect...

CVE-2020-5940

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.3, a stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface TMUI, also known as the BIG-IP Configuration utility...

CVE-2020-5903

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility...

CVE-2020-5904

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site request forgery CSRF vulnerability in the Traffic Management User Interface TMUI, also referred to as the Configuration utility, exists in an undisclosed page...

Cross site request forgery (csrf)

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site request forgery CSRF vulnerability in the Traffic Management User Interface TMUI, also referred to as the Configuration utility, exists in an undisclosed page...

CVE-2018-15312

On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an authenticated user to execute JavaScript for the currently logged-in user...