XSS in Citrix Netscaler_application_delivery_controller_firmware
CVE-2015-7997
Multiple cross-site scripting (XSS) vulnerabilities in the Nitro API in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 133.9, 10.5 before Build 58.11, and 10.5.e before Build 56.1505.e on Net…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.003 (53.0th percentile) — read the EPSS interpretation.
Affected products
- Citrix Netscaler_application_delivery_controller_firmware — versions 10.1, 10.5
- Citrix Netscaler_gateway_firmware — versions 10.1, 10.5
- Citrix Netscaler_service_delivery_appliance_service_vm — versions 10.5e
- N/a — versions n/a
Weakness classification (CWE)
References
- 1034167 (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)