2 matches found
CVE-2015-2838
CVE-2015-2838 affects Citrix NetScaler Nitro API prior to 10.5 build 52.3nc. The vulnerability arises from CSRF that lets an attacker craft requests via the file_name JSON field in params/xen_hotfix/0 to nitro/v1/config/xen_hotfix, enabling shell metacharacters to execute commands as nsroot. This...
KLA10536 Multiple vulnerabilities in Citrix NetScaler
Multiple serious vulnerabilities have been found in Citrix NetScaler. Malicious users can exploit these vulnerabilities to execute or inject arbitrary code and conduct XSS attack. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via a specially designed...