Path Disclosure Vulnerability in Citrix Nfuse 1.51
CVE-2001-0760
Currently unrated
Summary
Citrix Nfuse version 1.51 is vulnerable to a path disclosure issue that allows remote attackers to exposure sensitive information. By sending a specially crafted request to the 'launch.asp' file without a session field, attackers can obtain the absolute path of the web root. This vulnerability can potentially aid malicious actors in formulating further attacks against the system.
References
Timeline
Vulnerability published
Vulnerability Reserved