U.S. Dept Of Defense: Reflected XSS Vulnerability in SSL VPN Endpoint — CVE-2025-0133

A reflected Cross-Site Scripting XSS vulnerability was discovered in a SSL VPN endpoint. The vulnerability was assigned the CVE number CVE-2025-0133. The vulnerability allowed an unauthenticated attacker to inject and execute arbitrary JavaScript in the browser of a victim who clicked on a...

PT-2020-6826 · Citrix · Citrix Adc +1

Name of the Vulnerable Software and Affected Versions: Citrix ADC and Citrix Gateway versions 13.0-58.30 and later releases before the CTX276688 update Description: The issue is related to insufficient protection of service data in the implementation of SSL VPN controller delivery in Citrix ADC a...