Unrated severityNVD Advisory· Published Jun 3, 2014· Updated May 6, 2026

CVE-2014-3959

Description

Cross-site scripting (XSS) vulnerability in list.jsp in the Configuration utility in F5 BIG-IP LTM, AFM, Analytics, APM, ASM, GTM, and Link Controller 11.2.1 through 11.5.1, AAM 11.4.0 through 11.5.1 PEM 11.3.0 through 11.5.1, PSM 11.2.1 through 11.4.1, WebAccelerator and WOM 11.2.1 through 11.3.0, and Enterprise Manager 3.0.0 through 3.1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.f5.com/kb/en-us/solutions/public/15000/200/sol15296.htmlnvdVendor Advisory
www.securityfocus.com/bid/67771nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1030319nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1030320nvdThird Party AdvisoryVDB Entry
secunia.com/advisories/58969nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000