返回 CVE 瀏覽器

CVE-2014-9342

MEDIUM

4.3

CVSS Severity Score

EPSS Score0.1800%

EPSS Percentile41.88th

Published2014年12月8日

Last Modified2026年5月6日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Security Manager (ASM) in F5 BIG-IP 11.3.0 allows remote attackers to inject arbitrary web script or HTML by accessing a crafted URL during automatic policy generation.

Affected Platforms (CPE)

📦

F5

Big Ip

= 11.3.0

References & Advisories

🔗 http://secunia.com/advisories/62000

🔗 http://www.securityfocus.com/archive/1/534137/100/0/threaded

🔗 https://support.f5.com/csp/article/K15939

🔗 https://support.f5.com/kb/en-us/solutions/public/15000/900/sol15939.html

🔗 http://secunia.com/advisories/62000

🔗 http://www.securityfocus.com/archive/1/534137/100/0/threaded

🔗 https://support.f5.com/csp/article/K15939

🔗 https://support.f5.com/kb/en-us/solutions/public/15000/900/sol15939.html

相關漏洞威脅

CVE-2000-063810.0

bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HO...

CVE-2021-230319.9

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.1, 13.1.x before 13.1.4, 12.1.x before 12.1.6, and 1...

CVE-2021-229879.9

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12....

CVE-2019-66099.8

Platform dependent weakness. This issue only impacts iSeries platforms. On these platforms, in BIG-IP (LTM, AAM, AFM, Analytics, A...