CVE-2014-3959

F5 BIG-IP LTM - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

References (5)

Scores

EPSS 0.0086
EPSS Percentile 74.9%

Details

CWE
CWE-79
Status published
Products (29)
f5/big-ip_access_policy_manager
f5/big-ip_access_policy_manager
f5/big-ip_advanced_firewall_manager
f5/big-ip_advanced_firewall_manager
f5/big-ip_analytics
f5/big-ip_analytics
f5/big-ip_application_acceleration_manager
f5/big-ip_application_acceleration_manager
f5/big-ip_application_security_manager
f5/big-ip_application_security_manager
... and 19 more
Published Jun 03, 2014
Tracked Since Feb 18, 2026