CVE-2015-7997: XSS
First published: Tue Nov 17 2015(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on NetScaler Service Delivery Appliance Service VM (SVM) devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Citrix Netscaler Service Delivery Appliance Service Vm | =10.5e | |
| Citrix Netscaler Application Delivery Controller Firmware | =10.1 | |
| Citrix Netscaler Application Delivery Controller Firmware | =10.5 | |
| Citrix Netscaler Gateway Firmware | =10.1 | |
| Citrix Netscaler Gateway Firmware | =10.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/citrix
- canonical/citrix netscaler service delivery appliance service vm
- version/citrix netscaler service delivery appliance service vm/10.5e
- canonical/citrix netscaler application delivery controller firmware
- version/citrix netscaler application delivery controller firmware/10.1
- version/citrix netscaler application delivery controller firmware/10.5
- canonical/citrix netscaler gateway firmware
- version/citrix netscaler gateway firmware/10.1
- version/citrix netscaler gateway firmware/10.5