Vuln ID: CVE-2019-6600

Published:  2019-03-13  22:29:00Z

Description: In BIG-IP 14.0.0-, 13.0.0-, 12.1.0-, 11.6.1-, or 11.5.1-11.5.8, when remote authentication is enabled for administrative users and all external users are granted the "guest" role, unsanitized values can be reflected to the client via the login page. This can lead to a cross-site scripting attack against unauthenticated clients.