QwikSec

Security Database

CVE

CWE

Training

CVE-2014-4346

Published: Jul 16, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

http://support.citrix.com/article/CTX140863

x_refsource_CONFIRM

citrix-netscaler-cve20144346-xss(94493)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway

mailing-list

x_refsource_FULLDISC

vdb-entry

x_refsource_SECTRACK

20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.