CVE-2019-6653
published 2019-09-25CVE-2019-6653: There is a Stored Cross Site Scripting vulnerability in the undisclosed page of a BIG-IQ 6.0.0-6.1.0 or 5.2.0-5.4.0 system. The attack can be stored by users…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
There is a Stored Cross Site Scripting vulnerability in the undisclosed page of a BIG-IQ 6.0.0-6.1.0 or 5.2.0-5.4.0 system. The attack can be stored by users granted the Device Manager and Administrator roles.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-iq | — | — |
| f5 | big-iq_centralized_management | — | — |
| f5 | big-iq_centralized_management | 5.2.0 – 5.4.0 | — |
| f5 | big-iq_centralized_management | 6.0.0 – 6.1.0 | — |