Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6
Fixed In:
13.0.0, 12.1.3.7
Opened: Dec 22, 2015 Severity: 3-Major
ASM originated scripts are injected into places where they are not supposed to be, causing the script not to work and/or the application to break.
Application malfunctions, shows javascrip errors
ASM is in front of a single page application, where injection is possible only for the main page. \ ASM has the CSRF or web scraping feature enabled.
Turn off the relevant feature that causes the injection.
None