CVE-2024-5442 NextGEN Gallery < 3.59.3 - Admin+ Stored XSS

The Photo Gallery, Sliders, Proofing and WordPress plugin before 3.59.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

CVE-2024-5442

Summary of CVE-2024-5442 (NextGEN Gallery) : The WordPress plugin NextGEN Gallery (versions before 3.59.3) contains sanitization/escaping flaws in settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., administrators) even when unfiltered_html is disallowed (such as in mult...

CVE-2024-5472

The exploit details for CVE-2024-5472 indicate that WP QuickLaTeX for WordPress (pre-3.8.7) fails to sanitise/escape certain plugin settings, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (such as multisite). The Red Hat and CVE records corrobo...

CVE-2024-5442 NextGEN Gallery < 3.59.3 - Admin+ Stored XSS

The Photo Gallery, Sliders, Proofing and WordPress plugin before 3.59.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

CVE-2024-5151

The CVE-2024-5151 entry concerns the SULly WordPress plugin prior to version 4.3.1. The vulnerability is a Stored XSS caused by insufficient sanitization/escaping of plugin settings, potentially allowing high-privilege users (e.g., administrators) to inject scripts even when unfiltered_html is di...

CVE-2024-4752 EventON < 2.2.15 - Admin+ Stored Cross-Site Scripting via event subtitle

The EventON WordPress plugin before 2.2.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-3751 Seriously Simple Podcasting < 3.3.0 - Admin+ Stored XSS

The Seriously Simple Podcasting WordPress plugin before 3.3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

Vdisk shows “No Server” for size in the PVS Console

When viewing a vdisk in the PVS Console the size will show as "No Server". The following error also appears when using XenDesktop Setup Wizard: A required PVS server in the selected site is offline or there is no server assigned to a required store...

Cannot Connect to vCenter Through the Streamed VM Setup Wizard to Create VMs

Cannot connect to vCenter throughthe Streamed VM Setup Wizard in order to create Virtual Machines VMs...

How to Set Up Syslog to Capture Logs Real Time on a Central Location

This article describes how set up a Syslog server when you are experiencing issues across multiple XenServers and need to capture logs real-time on a central location...

How to Configure StoreFront and Smart Card Authentication for Internal Users using Stores

This article describes how to configure Citrix StoreFront 2.0 and Smart Card authentication using Gemalto .NET cards against stores for internal users. Requirements The following components are needed to allow users connectthrough Smart Card to StoreFront: Citrix StoreFront 2.x Citrix Receiver fo...

PT-2024-36407 · WordPress · Wp Quicklatex

Name of the Vulnerable Software and Affected Versions: WP QuickLaTeX WordPress plugin versions prior to 3.8.7 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is disallowed,...

Provisioning Services Database Unable to Configure

Provisioning Service database cannot be configured. When configuring the SQL server settings, the following error might appear in the Configuration Wizard log located in C:\ProgramData\Citrix\Provisioning Services\Log: 2013-07-29 14:44:37,864 1 INFO ConfigWizard - ConfigureServices: encrypt the...

CloudBridge Virtual WAN Gateway Mode and Inline Deployment Steps

This article provides step-by-step procedure in configuring a CloudBridge Virtual WAN appliance in Gateway mode based on a sample network setup...

How to Configure Logon Point for Access Gateway 5.0.4 with StoreFront 2.5 for Receiver

...

Error: "Cannot verify database connectivity" on StoreFront

Though StoreFront server is able to communicate to the SQL server over TCP port 1433, when you click Test Connection at the Deploy Multiple Server Group setup Window for StoreFront 1.1, the connection fails with the following message: Cannot verify database connectivity. The connection string...

How to Configure NetScaler and StoreFront for Internal and External Connections

This article describes how to configure NetScaler and StoreFront with two NetScaler Gateways, two StoreFront sites, two different subnet IPs, and one URL for both internal and external connections...

How to Configure XenServer to Send System Alerts through Authenticated SMTP Servers

This article describes how to configure XenServer to send system alerts through SMTP servers that require authentication. Requirements Administrative access to a XenServer host console either directly, through SSH, or by using theConsoletab in XenCenter. Background Customers can configure XenServ...

PVS Console Crashes while using XenDesktop Setup Wizard

After entering the Credentials to get the list of templates from the Hypervisor, the following error appears: "Microsoft Management Console has stopped working" Note : The issue does not occur with XenServer as Host Connections to XenServer do not allow the port number in the address...

Vulnerability in License Server and Snap-in for Desktop Studio, aka Heartbleed

Secure Configuration of Licensing Heartbleed Update In response to the recent Heartbleed vulnerability in OpenSSL CVE-2014-0160 Citrix released a security advisory, CTX140605, advising customers of its potential effects on some Citrix Licensing components. As part of the Citrix response to this...