CVE-2005-3971

Name of the Vulnerable Software and Affected Versions Citrix MetaFrame Secure Access Manager versions 2.0 through 2.2 NFuse Elite version 1.0

Description A cross-site scripting (XSS) issue exists in the login form, allowing remote attackers to inject arbitrary web script or HTML via the username field. This could potentially lead to unauthorized actions on the affected system.

Recommendations For Citrix MetaFrame Secure Access Manager versions 2.0 through 2.2, avoid using the vulnerable login form until a fix is available. For NFuse Elite version 1.0, restrict access to the login form to minimize the risk of exploitation. As a temporary workaround, consider validating and sanitizing the username field input to prevent malicious script injection.