CVE-2007-6704
published 2008-03-05CVE-2007-6704: Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are…
low2.6CVSS 3.1
AVNACHAuNCNIPAN
EXPLOIT
Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to (1) my.activation.php3 and (2) my.logon.php3.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |
| f5 | firepass_4100 | — | — |