Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
15.1.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5, 16.1.5.1, 16.1.5.2
Fixed In:
15.1.2.1
Opened: Jun 25, 2020 Severity: 3-Major
When you try to configure credential stuffing and provide invalid parameters, you see a misleading error: HTML Tag-like Content in the Request URL/Body
A misleading error is displayed.
Configuration of bad ApplicationID, Access Token or wrong service type, generates a validation error, but the error message is confusing.
None.
Wrong error message upon bad credential stuffing configuration has been corrected.