| CVE-2008-0265 | Date: (C)2008-01-15 (M)2023-12-22 |
Multiple cross-site scripting (XSS) vulnerabilities in the Search function in the web management interface in F5 BIG-IP 9.4.3 allow remote attackers to inject arbitrary web script or HTML via the SearchString parameter to (1) list_system.jsp, (2) list_pktfilter.jsp, (3) list_ltm.jsp, (4) resources_audit.jsp, and (5) list_asm.jsp in tmui/Control/jspmap/tmui/system/log/; and (6) list.jsp in certain directories.
CVSS Score and Metrics +CVSS Score and Metrics -| CVSS V2 Severity: |
| CVSS Score : 4.3 |
| Exploit Score: 8.6 |
| Impact Score: 2.9 |
| |
| CVSS V2 Metrics: |
| Access Vector: NETWORK |
| Access Complexity: MEDIUM |
| Authentication: NONE |
| Confidentiality: NONE |
| Integrity: PARTIAL |
| Availability: NONE |
| | |
