Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via the Citrix NetScaler interface.
References
| Link | Resource |
|---|---|
| https://support.citrix.com/article/CTX232161 | Patch Vendor Advisory |
| http://www.securitytracker.com/id/1040440 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2018-03-06 20:29
Updated : 2018-03-26 17:39
NVD link : CVE-2018-6811
Mitre link : CVE-2018-6811
JSON object : View
Products Affected
citrix
- netscaler_gateway_firmware
- netscaler_application_delivery_controller_firmware
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')