Open Redirect Vulnerabilities in Citrix XenMobile Server
CVE-2018-10651

6.1MEDIUM

Key Information:

Vendor: Citrix
Status: Xenmobile Server
Vendor: CVE Published:; 23 May 2018

Summary

Citrix XenMobile Server is susceptible to Open Redirect vulnerabilities in versions 10.8 prior to RP2 and 10.7 prior to RP3. This issue could allow attackers to manipulate the server’s response to redirect users to untrusted locations, making it a notable concern for security. Users should ensure they upgrade to the patched versions to protect against potential exploits.

References

https://support.citrix.com/article/CTX234879

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 23, 2018
Vulnerability Reserved
May 2, 2018