Cross-Site Scripting Vulnerability in Citrix MetaFrame XP Server
CVE-2003-1157

Currently unrated

Key Information:

Vendor: Citrix
Status: Metaframe
Vendor: CVE Published:; 31 December 2003

Summary

The Citrix MetaFrame XP Server 1.0 has a vulnerability in the login.asp file that permits remote attackers to exploit the NFuse_Message parameter. This flaw allows the injection of arbitrary web scripts or HTML, potentially compromising user sessions and sensitive data. Attackers can leverage this weakness to execute unauthorized actions, making it critical for users to secure their applications against such vulnerabilities.

References

http://secunia.com/advisories/10127

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/8939

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/343040

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
May 4, 2005
Vulnerability published
Dec 31, 2003