Cross-site scripting (XSS) vulnerability in dms/policy/rep_request.php in F5 BIG-IP Application Security Manager (ASM) 9.4.3 allows remote attackers to inject arbitrary web script or HTML via the report_type parameter.
Software | From | Fixed in |
---|---|---|
f5 / big-ip_application_security_manager | 9.2.0 | 9.2.5 |
f5 / big-ip_application_security_manager | 9.3.0 | 9.3.0.x |
f5 / big-ip_application_security_manager | 9.4.0 | 9.4.4 |