Multiple vulnerabilities in Citrix NetScaler

Описание

Multiple serious vulnerabilities have been found in Citrix NetScaler. Malicious users can exploit these vulnerabilities to execute or inject arbitrary code and conduct XSS attack.

Below is a complete list of vulnerabilities

1. XSS vulnerability can be exploited remotely via a specially designed search query;
2. CSRF vulnerability and improper Content-Type can be exploited remotely via a specially designed JSON.

Первичный источник обнаружения

Эксплуатация

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/36442

Связанные продукты

• Citrix-NetScaler

Список CVE

• CVE-2015-2839
  warning
• CVE-2015-2838
  high
• CVE-2015-2840
  warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com