2 matches found
CVE-2015-2839
The CVE-2015-2839 issue affects Citrix NetScaler prior to 10.5 build 52.3nc where the Nitro API returns error messages with an incorrect Content-Type, enabling remote XSS via the file_name JSON member in params/xen_hotfix/0 to nitro/v1/config/xen_hotfix. Multiple sources corroborate the vulnerabi...
KLA10536 Multiple vulnerabilities in Citrix NetScaler
Multiple serious vulnerabilities have been found in Citrix NetScaler. Malicious users can exploit these vulnerabilities to execute or inject arbitrary code and conduct XSS attack. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via a specially designed...