PT-2015-7315 · Citrix · Netscaler Gateway+1
Published
2015-09-17
·
Updated
2016-12-22
·
CVE-2015-6672
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway versions prior to 10.1 Build 132.8
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway versions 10.5 prior to Build 57.7
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway versions 10.5e prior to Build 56.1505.e
Description
A cross-site scripting (XSS) issue exists in the Administrative Web Interface of the affected products, allowing remote attackers to inject arbitrary web script or HTML. This can be achieved via unspecified vectors.
Recommendations
For versions prior to 10.1 Build 132.8, update to Build 132.8 or later.
For versions 10.5 prior to Build 57.7, update to Build 57.7 or later.
For versions 10.5e prior to Build 56.1505.e, update to Build 56.1505.e or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Citrix Netscaler Application Delivery Controller
Netscaler Gateway