Cross-Site Scripting Vulnerability in Citrix Web Interface
CVE-2009-2454

Currently unrated

Key Information:

Vendor

Citrix
Status
Web Interface
Vendor
CVE Published:
14 July 2009

What is CVE-2009-2454?

A Cross-Site Scripting (XSS) vulnerability exists in Citrix Web Interface versions 4.6, 5.0, and 5.0.1. This flaw allows remote attackers to inject arbitrary web scripts or HTML into users' browsers, potentially compromising sensitive data or session information. This vulnerability can be exploited through unspecified vectors, raising concerns for the security of applications relying on affected versions of the Citrix Web Interface.

References

http://support.citrix.com/article/CTX120697
x_refsource_CONFIRM
http://www.securityfocus.com/bid/34761
vdb-entryx_refsource_BID
http://secunia.com/advisories/34868
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.
CVE-2009-2454 : Cross-Site Scripting Vulnerability in Citrix Web Interface