3 matches found
CVE-2016-5236
CVE-2016-5236 affects F5 WebSafe Dashboard (3.9.5 and earlier). The vulnerability is a Cross-Site Scripting (XSS) flaw that enables a privileged authenticated user to inject arbitrary script/HTML when creating a new user, account, or signature. The F5 advisory lists vulnerable products/features a...
CVE-2016-5235
Summary of CVE-2016-5235 (F5 WebSafe Dashboard XSS) The vulnerability affects the F5 WebSafe Dashboard (WebSafe Alert Server) and is triggered by an unauthenticated user who can inject HTML via a crafted alert in versions 3.9.x and earlier. The advisory confirms an XSS flaw that can be exploited ...
CVE-2018-5545
CVE-2018-5545 affects F5 WebSafe Alert Server versions 1.0.0–4.2.6. An authenticated user can execute arbitrary code on the alert server by sending a malicious payload via the Dashboard. The advisory lists CVSSv3.0 score 8.8 (HIGH) with network access, low privileges required, and no user interac...