CVE-2014-1899

Published: May 2, 2014Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected (7)

Products: Citrix: Netscaler Access Gateway Firmware, Netscaler Access Gateway

Citrix

2 products

Netscaler Access Gateway Firmware

Netscaler Access Gateway

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Citrix Netscaler Access Gateway Firmware	Version 10.0.74.4
Citrix Netscaler Access Gateway Firmware	Version 10.0
Citrix Netscaler Access Gateway Firmware	Version 10.1
Citrix Netscaler Access Gateway Firmware	Version 9.3.61.5
Citrix Netscaler Access Gateway Firmware	Version 9.3.62.4
Citrix Netscaler Access Gateway Firmware	Version 9.3
Citrix Netscaler Access Gateway	All versions