CVE-2015-6672: XSS
First published: Thu Sep 17 2015(Updated: )
Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Citrix Netscaler Application Delivery Controller Firmware | =10.1 | |
| Citrix Netscaler Application Delivery Controller Firmware | =10.5 | |
| Citrix Netscaler Application Delivery Controller Firmware | =10.5e | |
| Citrix Netscaler Gateway Firmware | =10.1 | |
| Citrix Netscaler Gateway Firmware | =10.5 | |
| Citrix Netscaler Gateway Firmware | =10.5e |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/citrix
- canonical/citrix netscaler application delivery controller firmware
- version/citrix netscaler application delivery controller firmware/10.1
- version/citrix netscaler application delivery controller firmware/10.5
- version/citrix netscaler application delivery controller firmware/10.5e
- canonical/citrix netscaler gateway firmware
- version/citrix netscaler gateway firmware/10.1
- version/citrix netscaler gateway firmware/10.5
- version/citrix netscaler gateway firmware/10.5e