Cross-Site Scripting Vulnerabilities in Citrix NetScaler ADC and Gateway
CVE-2018-6811

6.1MEDIUM

Key Information:

Vendor
Citrix
Vendor
CVE Published:
6 March 2018

Summary

Multiple Cross-Site Scripting (XSS) vulnerabilities exist in Citrix NetScaler ADC and Gateway versions, enabling remote attackers to exploit the Citrix NetScaler interface. If successfully executed, this could allow unauthorized injection of arbitrary web script or HTML, potentially compromising the security of the user and their data.

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.