CVE-2002-0504

Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuseApplication parameter to 1 launch.jsp or 2 launch.asp...

CVE-2002-0504

CVE-2002-0504 describes a remote cross-site scripting flaw in Citrix NFuse 1.6 and earlier where results from getLastError are not quoted, allowing an attacker to inject script via the NFuse_Application parameter to launch.jsp or launch.asp. The CVSS v2 base metrics are provided (AV:N/AC:L/Au:N/C...