A reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. (CVE-2020-27726)
Impact
An attacker can craft a malicious URL and send it to an authenticated user to launch a XSS attack.