F5 Websafe Alert Server vulnerabilities
3 known vulnerabilities affecting f5/websafe_alert_server.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2016-5235MEDIUMCVSS 6.1fixed in 4.0.02019-07-01
CVE-2016-5235 [MEDIUM] CWE-79 CVE-2016-5235: A Cross Site Scripting (XSS) vulnerability in versions of F5 WebSafe Dashboard 3.9.x and earlier, ak
A Cross Site Scripting (XSS) vulnerability in versions of F5 WebSafe Dashboard 3.9.x and earlier, aka F5 WebSafe Alert Server, allows an unauthenticated user to inject HTML via a crafted alert.
nvd
CVE-2016-5236MEDIUMCVSS 5.4≤ 3.9.52019-07-01
CVE-2016-5236 [MEDIUM] CWE-79 CVE-2016-5236: Cross-Site-Scripting (XSS) vulnerabilities in F5 WebSafe Dashboard 3.9.5 and earlier, aka F5 WebSafe
Cross-Site-Scripting (XSS) vulnerabilities in F5 WebSafe Dashboard 3.9.5 and earlier, aka F5 WebSafe Alert Server, allow privileged authenticated users to inject arbitrary web script or HTML when creating a new user, account or signature.
nvd
CVE-2018-5545HIGHCVSS 8.8≥ 1.0.0, ≤ 4.2.62018-09-13
CVE-2018-5545 [HIGH] CWE-20 CVE-2018-5545: On F5 WebSafe Alert Server 1.0.0-4.2.6, a malicious, authenticated user can execute code on the aler
On F5 WebSafe Alert Server 1.0.0-4.2.6, a malicious, authenticated user can execute code on the alert server by using a maliciously crafted payload.
nvd