CVE-2009-2119
Description
Cross-site scripting (XSS) vulnerability in the login interface (my.logon.php3) in F5 FirePass SSL VPN 5.5 through 5.5.2 and 6.0 through 6.0.3 allows remote attackers to inject arbitrary web script or HTML via a base64-encoded xcho parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cross-site scripting vulnerability in F5 FirePass SSL VPN login interface allows remote attackers to inject arbitrary web script or HTML via base64-encoded xcho parameter.
Vulnerability
A cross-site scripting (XSS) vulnerability exists in the login interface (my.logon.php3) of F5 FirePass SSL VPN versions 5.5 through 5.5.2 and 6.0 through 6.0.3. The vulnerability allows remote attackers to inject arbitrary web script or HTML via a base64-encoded value in the xcho parameter.
Exploitation
An attacker can craft a malicious URL containing a base64-encoded payload in the xcho parameter. When a victim visits the login page with this crafted parameter, the injected script executes in the context of the victim's browser. No authentication is required to trigger the vulnerability.
Impact
Successful exploitation allows an attacker to execute arbitrary web script or HTML in the context of the victim's browser session. This can lead to session hijacking, credential theft, or other malicious actions within the FirePass SSL VPN interface.
Mitigation
No fix or workaround is disclosed in the available references. Users are advised to restrict access to the login interface or apply web application firewall rules to filter malicious input.
AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- www.securitytracker.com/idnvdPatch
- www.vupen.com/english/advisories/2009/1570nvdPatchVendor Advisory
- secunia.com/advisories/35418nvdVendor Advisory
- secunia.com/advisories/35426nvdVendor Advisory
- www.fox-it.com/nl/nieuws-en-events/nieuws/laatste-nieuws/nieuwsartikel/f5-firepass-cross-site-scripting-vulnerability/106nvdVendor Advisory
- osvdb.org/55040nvd
- www.securityfocus.com/archive/1/504232/100/0/threadednvd
- www.securityfocus.com/bid/35312nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/51064nvd
- www.fox-it.com/uploads/pdf/advisory_xss_f5_firepass.pdfnvd
News mentions
0No linked articles in our index yet.