Cross-Site Scripting Vulnerability in Citrix MetaFrame Secure Access Manager and NFuse Elite
CVE-2005-3971

Currently unrated

Key Information:

Vendor
Citrix
Vendor
CVE Published:
3 December 2005

Summary

The vulnerability in Citrix MetaFrame Secure Access Manager and NFuse Elite allows remote attackers to exploit the login form's username field, enabling the injection of arbitrary web scripts or HTML. This flaw can lead to potential attacks like session hijacking, phishing, and other malicious activities that exploit the trust users place in the web application. Proper validation and sanitization of input fields are essential to mitigate this risk.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.