Last Modified: Oct 16, 2025
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1, 17.1.2.2, 17.1.3
Opened: Sep 24, 2025
Severity: 4-Minor
Set up an IBD profile.
Set up a backend server to serve a JS file with some HTML tags in string format.

Example JavaScript:

    function PrintPreview(htmlpage)
    {
        var page = "<script>function Print(){window.document.getElementById(\"printtool\").setAttribute(\"style\",\"display:none\");window.print();window.document.getElementById(\"printtool\").setAttribute(\"style\",\"\");}; function Close(){close();}</script>";
        htmlpage = "<html><head></header><body>" +htmlpage+ scp+ "</body></html>";
        myWindow.document.write(htmlpage);
    }

JS tags are seen injected into non-HTML pages with content-type = application/javascript in the response.
JavaScript tag injection happens for response pages with content-type = application/javascript instead of for HTML pages with content-type = html or xhtml.
Virtual server with the IBD profile and a Javascript file with some HTML tags in string format
None
None
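
One way to confirm whether a virtual server shows the behaviour described above is to compare the body the backend sent with the body the client received, and flag script tags that appear in transit on a non-HTML response. This is an added example, not F5 code: the sample bodies are constructed, the injected tag is a placeholder because the page does not show the real one, and "html or xhtml" is assumed to mean the media types text/html and application/xhtml+xml.

```python
import re
from collections import Counter

# Assumption: media types meant by "html or xhtml" on this page.
HTML_TYPES = {"text/html", "application/xhtml+xml"}
SCRIPT_OPEN = re.compile(r"<script\b[^>]*>", re.IGNORECASE)


def media_type(content_type):
    """Return the bare media type, lower-cased, without parameters."""
    return content_type.split(";", 1)[0].strip().lower()


def added_script_tags(origin_body, proxied_body):
    """Opening script tags present in the proxied body but not in the origin's."""
    before = Counter(t.lower() for t in SCRIPT_OPEN.findall(origin_body))
    after = Counter(t.lower() for t in SCRIPT_OPEN.findall(proxied_body))
    return sorted((after - before).elements())


def check(content_type, origin_body, proxied_body):
    """Flag a response whose non-HTML body gained script tags in transit."""
    added = added_script_tags(origin_body, proxied_body)
    mtype = media_type(content_type)
    return {
        "media_type": mtype,
        "added": added,
        "unexpected": bool(added) and mtype not in HTML_TYPES,
    }


# Constructed sample: a shortened form of the page's JS file, as served by the backend.
ORIGIN_JS = (
    'function PrintPreview(htmlpage) { '
    'var page = "<script>function Print(){window.print();}</script>"; '
    'htmlpage = "<html><head></header><body>" + htmlpage + "</body></html>"; }'
)
# Placeholder for whatever tag the profile injects; the real tag is not on the page.
PLACEHOLDER_TAG = '<script src="/PLACEHOLDER-injected.js"></script>'
# Constructed proxied copy: the same file with the placeholder inserted after "<head>".
PROXIED_JS = ORIGIN_JS.replace("<head>", "<head>" + PLACEHOLDER_TAG)

if __name__ == "__main__":
    print(check("application/javascript; charset=utf-8", ORIGIN_JS, PROXIED_JS))
    print(check("text/html", ORIGIN_JS, PROXIED_JS))
```
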