For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Aug 09, 2014

Vulnerability "Cross-site scripting in Expect header"

Hi Team,

We are using AlertLogic Tool for our vulnerability Scan and and getting "Cross-site scripting in Expect header". The end member-application servers are Apache web-servers.

How can we mitigate the vulnerability using the Irule Kindly guide.

We are using version 10.2.4 in our environment.

Thanks and Regards Parveez

1 Reply

Parveez_70209
Nimbostratus
Aug 09, 2014
Just adding one point, WAS GOING through the below link and it's saying in 10.2.4 Hotfix 7, this vulnerabity is fixed under case:ID: 414475, Can you please assist once.

https://support.f5.com/kb/en-us/solutions/public/13000/600/sol13670.html

Regards Parveez

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5