Cross-Site Scripting Vulnerability in Citrix SD-WAN Center
CVE-2019-11345
6.1MEDIUM
Key Information:
- Vendor
- Citrix
- Vendor
- CVE Published:
- 10 March 2020
Summary
The Citrix SD-WAN Center and NetScaler SD-WAN Center are susceptible to a Cross-Site Scripting (XSS) vulnerability in versions prior to 10.2.1 and 10.0.7 respectively. This allows attackers to inject malicious scripts into web pages viewed by users, potentially compromising user sessions or redirecting users to malicious sites. Organizations should promptly upgrade to the respective patched versions to mitigate associated risks.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved