CVE-2018-10649
Citrix XenMobile Server 10.7 (before RP3) is affected by CVE-2018-10649, a Cross-Site Scripting (XSS) vulnerability that could allow an attacker to inject arbitrary web script or HTML. Mitigation per Citrix: upgrade XenMobile 10.7 to Rolling Patch 3 (RP3) and XenMobile 10.8 to Rolling Patch 2; th...