KLA10536
Multiple vulnerabilities in Citrix NetScaler
Updated: 06/01/2019
Detect date
04/03/2015
Severity
High
Description

Multiple serious vulnerabilities have been found in Citrix NetScaler. Malicious users can exploit these vulnerabilities to execute or inject arbitrary code and conduct XSS attacks.

Below is a complete list of vulnerabilities:

  1. An XSS vulnerability can be exploited remotely via a specially crafted search query;
  2. A CSRF vulnerability and an improper Content-Type can be exploited remotely via specially crafted JSON.
Affected products

Citrix NetScaler versions earlier than 10.5 build 52.3nc

Solution

Update to the latest version
Get Citrix NetScaler

Impacts
ACE 

CI 

XSS/CSS 
Related products
Citrix NetScaler
CVE-IDS
CVE-2015-2839 4.3 Warning
CVE-2015-2838 6.8 High
CVE-2015-2840 4.3 Warning