Vigil@nce - F5 BIG-IP ASM: Cross Site Scripting via Traffic Overview
September 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can generate a Cross Site Scripting in the Traffic
Overview page of BIG-IP ASM, in order to execute JavaScript code
in the web site context.
Impacted products: BIG-IP Appliance
Severity: 2/4
Creation date: 07/09/2012
DESCRIPTION OF THE VULNERABILITY
The BIG-IP ASM (Application Security Manager) product manages
security incidents.
An attacker can generate a Cross Site Scripting in the Traffic
Overview page of BIG-IP ASM, in order to execute JavaScript code
in the web site context.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/F5-BIG-IP-ASM-Cross-Site-Scripting-via-Traffic-Overview-11924