Cross-Site Scripting Vulnerability in Citrix XenMobile Server
CVE-2018-10649
6.1MEDIUM
Summary
The vulnerability found in Citrix XenMobile Server 10.7 prior to RP3 allows attackers to execute arbitrary scripts in the context of a user session, potentially leading to unauthorized actions and sensitive data exposure. Proper input validation measures should be implemented to mitigate the risk of exploitation.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved