Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows reflected Cross Site Scripting (XSS).
References
Link | Resource |
---|---|
https://support.citrix.com/article/CTX276688 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Information
Published : 2020-07-10 09:15
Updated : 2020-07-13 13:40
NVD link : CVE-2020-8191
Mitre link : CVE-2020-8191
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
citrix
- netscaler_gateway_firmware
- application_delivery_controller
- 4000-wo
- 5000-wo
- 5100-wo
- application_delivery_controller_firmware
- 4100-wo
- netscaler_gateway
- gateway
- sd-wan_wanop
- gateway_firmware