Published: 06/03/2018 Updated: 26/03/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote malicious users to inject arbitrary web script or HTML via the Citrix NetScaler interface.

Vulnerable Product	Search on Vulmon	Subscribe to Product
citrix netscaler application delivery controller firmware 11.0
citrix netscaler application delivery controller firmware 12.0
citrix netscaler application delivery controller firmware 10.5
citrix netscaler application delivery controller firmware 11.1
citrix netscaler gateway firmware 10.5
citrix netscaler gateway firmware 11.0
citrix netscaler gateway firmware 11.1
citrix netscaler gateway firmware 12.0

Description of Problem A number of vulnerabilities have been identified in supported versions of Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway The following vulnerabilities have been addressed: CVE-2018-6810: Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway Directory Traversal Vulnerabilit ...

CWE-79 https://support.citrix.com/article/CTX232161 http://www.securitytracker.com/id/1040440 https://nvd.nist.gov https://support.citrix.com/article/CTX232161

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-6811

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect