Lucene search
HistoryAug 12, 2002 - 4:00 a.m.
CVE-2002-0504
citrix nfuse 1.6
cross-site scripting
cve-2002-0504
vulnerability
remote attack
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.6 Medium
AI Score
Confidence
High
0.019 Low
EPSS
Percentile
88.6%
Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp.
Affected configurations
Node
citrixnfuseRange≤1.6
ORcitrixnfuseMatch1.51
| CPE | Name | Operator | Version |
|---|---|---|---|
| citrix:nfuse | citrix nfuse | le | 1.6 |
| citrix:nfuse | citrix nfuse | eq | 1.51 |
Related
nessus
nessus
Citrix NFuse Launch Scripts 'NFuse_Application' Parameter XSS
2004-09-02 00:00:00
openvas
openvas
Citrix NFuse_Application parameter XSS
2005-11-03 00:00:00
cvelist
cvelist
CVE-2002-0504
2002-06-11 04:00:00
nvd
nvd
CVE-2002-0504
2002-08-12 04:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.6 Medium
AI Score
Confidence
High
0.019 Low
EPSS
Percentile
88.6%
Related for CVE-2002-0504