2 matches found
CVE-2007-6704
CVE-2007-6704 is a cross-site scripting vulnerability affecting F5 FirePass SSL VPN 4100/5.x and 6.0.x when pre-logon sequences are enabled. The issue allows remote attackers to inject script via the query string to my.activation.php3 or my.logon.php3. FirePass 6.0.2 fixes the issue; hotfixes HF-...
SOL7923 - Cross-site scripting vulnerability in the logon page after enabling a pre-logon sequence - CVE-2007-6704
A cross-site scripting XSS vulnerabilityâCVE-2007-6704âexists in the FirePass logon page when a pre-logon sequence is enabled. The affected FirePass URL fails to fully sanitize URL input before the web page content is sent to the browser. It is possible for an attacker to create web pages,...