Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
f5F5F5:K43520321
HistoryJun 11, 2020 - 12:00 a.m.

K43520321 : NGINX Controller API Vulnerability CVE-2020-5901

2020-06-1100:00:00
my.f5.com
15

AI Score

8.7

Confidence

High

EPSS

0.002

Percentile

57.1%

JSON

Security Advisory Description

Undisclosed API endpoints may allow for a reflected Cross Site Scripting (XSS) attack. If the victim user is logged in as admin this could result in a complete compromise of the system. (CVE-2020-5901)

Impact

For the attack to occur, a user must visit a specially crafted URL that includes the specific target host name. If the exploit is successful, an attacker can run JavaScript in the context of the currently logged-in user. If the user is logged in as an administrator, the attacker may be able to completely compromise of the system.

Related

prion 1
cvelist 1
nvd 1
cve 1
prion
prion
Cross site scripting
2020-07-01 15:15:00
cvelist
cvelist
CVE-2020-5901
2020-07-01 14:03:33
nvd
nvd
CVE-2020-5901
2020-07-01 15:15:15
cve
cve
CVE-2020-5901
2020-07-01 15:15:15

AI Score

8.7

Confidence

High

EPSS

0.002

Percentile

57.1%

JSON
Related for F5:K43520321
prion1cvelist1nvd1cve1