3 matches found
CVE-2019-13608
Citrix StoreFront Server is affected by CVE-2019-13608: XML External Entity (XXE) processing vulnerability present in StoreFront versions before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000). The issue enables XXE attacks, with potential impact including reading arbit...
CVE-2022-27503
CVE-2022-27503 is a reflected Cross-Site Scripting (XSS) vulnerability in Citrix StoreFront when configured with SAML authentication. The issue affects Citrix StoreFront 1912 LTSR up to CU4 (1912.0.4000) and StoreFront 3.12 up to CU8 (3.12.8000). An attacker who has a valid session could inject a...
CVE-2020-8200
CVE-2020-8200 affects Citrix StoreFront Server prior to versions 2006 (CR) and prior to CU1 for 1912 LTSR, as well as pre-CU5 for 3.12 in 7.15 LTSR. The vulnerability arises from improper authentication, allowing an attacker who is authenticated in the same Active Directory domain as a StoreFront...