CVE-2025-61933
15.10.2025, 16:15
A reflected cross-site scripting (XSS) vulnerability exists in an undisclosed page of BIG-IP APM that allows an attacker to run JavaScript in the context of the targeted logged-out user.Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Awaiting analysis
This vulnerability is currently awaiting analysis.