Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 12/08/2002 Updated: 05/09/2008

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-site scripting vulnerability in Citrix NFuse 1.6 and previous versions does not quote results from the getLastError method, which allows remote malicious users to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp.

Vulnerable Product	Search on Vulmon	Subscribe to Product
citrix nfuse
citrix nfuse 1.51

source: wwwsecurityfocuscom/bid/4372/info Citrix NFuse is an application portal server meant to provide the functionality of any application on the server via a web browser NFuse works in conjunction with a previously-installed webserver NFuse is said to support almost any operating system, including Unix and Linux variants, as well as ...

NVD-CWE-Other http://www.iss.net/security_center/static/8659.php http://www.securityfocus.com/bid/4372 http://archives.neohapsis.com/archives/bugtraq/2002-03/0334.html https://nvd.nist.gov https://www.exploit-db.com/exploits/21355/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-0504

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect