CVE-2014-4346

Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1:*:*:*:*:*:*:*
cpe:2.3:h:citrix:netscaler_application_delivery_controller:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.1:*:*:*:*:*:*:*
cpe:2.3:h:citrix:netscaler_access_gateway:-:-:enterprise:*:*:*:*:*

Information

Published : 2014-07-16 07:19

Updated : 2018-10-09 12:49


NVD link : CVE-2014-4346

Mitre link : CVE-2014-4346


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

citrix

  • netscaler_application_delivery_controller_firmware
  • netscaler_access_gateway_firmware
  • netscaler_access_gateway
  • netscaler_application_delivery_controller