What is CVE-2020-8191?

CVE-2020-8191 is a vulnerability in Citrix Adc, Gateway, Sdwan Wan-op, classified under Cross-site Scripting. Published 2020-07-10.

Is CVE-2020-8191 known to be exploited?

11 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

XSS in Citrix Adc, Gateway, Sdwan Wan-op

CVE-2020-8191

Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows reflected Cross Site Script…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.910 (99.7th percentile) — read the EPSS interpretation.

Affected products

N/a Citrix Adc, Gateway, Sdwan Wan-op — versions Citrix ADC and Citrix Gateway 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP 11.1.1a, 11.0.3d and 10.2.7

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

Public proof-of-concept exploits

References

support.citrix.com/article/CTX276688 (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-8191?: CVE-2020-8191 is a vulnerability in Citrix Adc, Gateway, Sdwan Wan-op, classified under Cross-site Scripting. Published 2020-07-10.
Is CVE-2020-8191 known to be exploited?: 11 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.