Vulnerabilities fixed in Citrix ADC and Gateway

🗓️ 03 Jul 2023 00:00:00Reported by NCSCType

Citrix fixed ADC and Gateway vulnerabilities that could enable data access and cross-site scripting via the management interface; updates released.

Reporter	Title	Published	Views	Family All 31
GithubExploit	Exploit for Cross-site Scripting in Citrix Gateway	4 Jul 202318:02	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Citrix Gateway	1 Jul 202317:47	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Citrix Gateway	31 Jul 202311:29	–	githubexploit
BDU FSTEC	The vulnerability of Citrix ADC application delivery controllers (formerly known as Citrix NetScaler Application Delivery Controller) and Citrix Gateway virtual environment access control systems (formerly known as Citrix NetScaler Gateway) stems from improper validation of the return value of a function. This allows attackers to disclose sensitive information that should be protected.	26 Jul 202300:00	–	bdu_fstec
BDU FSTEC	The vulnerability of Citrix ADC application delivery controllers (formerly known as Citrix NetScaler Application Delivery Controller), as well as the Citrix Gateway access control system (formerly known as Citrix NetScaler Gateway)—exist due to the lack of protective measures for website structures. This allows attackers to carry out cross-site scripting attacks.	26 Jul 202300:00	–	bdu_fstec
Circl	CVE-2023-24487	11 Jul 202300:24	–	circl
Circl	CVE-2023-24488	1 Jul 202317:36	–	circl
Tenable Nessus	Citrix ADC and Citrix Gateway Multiple Vulnerabilities (CTX477714)	11 May 202300:00	–	nessus
Tenable Nessus	Citrix Gateway / ADC Cross-Site Scripting	13 Jul 202300:00	–	nessus
CNNVD	Citrix Systems Citrix Gateway和Citrix ADC 跨站脚本漏洞	10 Jul 202300:00	–	cnnvd