5 matches found
CVE-2025-24320
A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. This vulnerability is due to an incomplete fix for CVE-2024-31156...
CVE-2025-24320
A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. This vulnerability is due to an incomplete fix for CVE-2024-31156...
CVE-2025-24320 BIG-IP Configuration utility vulnerability
A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. This vulnerability is due to an incomplete fix for CVE-2024-31156...
CVE-2025-24320
CVE-2025-24320 is a stored XSS vulnerability in the BIG-IP Configuration utility. It arises from an incomplete fix for CVE-2024-31156. Affected: BIG-IP Configuration utility (across multiple tracks/branches). Impact: allows an attacker to store and execute JavaScript in the context of the logged-...
K000140578: BIG-IP Configuration utility vulnerability CVE-2025-24320
Security Advisory Description A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. This vulnerability is due to an incomplete fix for...