An undisclosed link on the BIG-IP APM virtual server allows a malicious user to build an open redirect URI. (CVE-2020-27729)
Impact
An attacker can create a URL with a specially crafted value and trick BIG-IP APM users into visiting the link. Victims may be redirected to a malicious website by following the misleading URL.