Cross-Site Scripting Vulnerabilities in Citrix NetScaler ADC and Gateway
CVE-2018-6811
6.1MEDIUM
Key Information:
- Vendor
- Citrix
- Vendor
- CVE Published:
- 6 March 2018
Summary
Multiple Cross-Site Scripting (XSS) vulnerabilities exist in Citrix NetScaler ADC and Gateway versions, enabling remote attackers to exploit the Citrix NetScaler interface. If successfully executed, this could allow unauthorized injection of arbitrary web script or HTML, potentially compromising the security of the user and their data.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved