CVE-2018-18517

Published: Oct 24, 2018Modified: Nov 21, 2024

4.8

Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Exploitability: 1.7 / Impact: 2.7

Source: NVD

Description

Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before 11.1.59.004, 12.0.x before 12.0.58.7, and 12.1.x before 12.1.49.1 has XSS.

Affected (4)

Products: Citrix: Netscaler Gateway Firmware

1 product

Netscaler Gateway Firmware

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Citrix Netscaler Gateway Firmware	From 10.5.0 to 10.5.69.003
Citrix Netscaler Gateway Firmware	From 11.1.0 to 11.1.59.004
Citrix Netscaler Gateway Firmware	From 12.0.0 to 12.0.58.7
Citrix Netscaler Gateway Firmware	From 12.1.0 to 12.1.49.1

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (6)

http://www.securityfocus.com/bid/105725

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1042023

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://support.citrix.com/article/CTX239002

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/105725

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1042023

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://support.citrix.com/article/CTX239002

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.