In BIG-IP APM Portal Access, HTTP pages that are served by back-end servers and have special JavaScript code may cause internal name conflicts. (CVE-2020-5853)
Impact
BIG-IP APM
An attacker who can control JavaScript code served by back-end servers may bypass the client-side rewriting that BIG-IP APM Portal Access performs and launch a cross-site scripting (XSS) attack.