Cross-Site Scripting Vulnerability in Citrix NFuse by Citrix
CVE-2002-0504

Currently unrated

Key Information:

Vendor

Citrix
Status
Nfuse
Vendor
CVE Published:
12 August 2002

What is CVE-2002-0504?

The Cross-Site Scripting vulnerability in Citrix NFuse versions 1.6 and earlier allows remote attackers to inject and execute malicious scripts in the context of users' browsers. By manipulating the NFuse_Application parameter during requests to launch.jsp or launch.asp, attackers can exploit the lack of proper input sanitization in the getLastError method. This can potentially lead to session hijacking or data theft, underscoring the importance of securing web applications against such vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.iss.net/security_center/static/8659.php
vdb-entryx_refsource_XF
http://archives.neohapsis.com/archives/bugtraq/2002-03/03...
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/4372
vdb-entryx_refsource_BID

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.