Low
CVE-2023-24488
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Low
(1 user assessed)
High
(1 user assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Description
Cross site scripting vulnerability in Citrix ADC and Citrix Gateway in allows and attacker to perform cross site scripting
Add Assessment
Ratings
-
Attacker ValueLow
-
ExploitabilityHigh
Technical Analysis
Summary:
A Cross-Site Scripting vulnerability has been discovered in Citrix ADC and Citrix Gateway versionslisted below.
Insufficient sanitization of URL query parameters before their inclusion in an HTTP Location header poses a security risk. Exploiting this vulnerability allows an attacker to create a manipulated link that, upon being clicked, redirects the victim to an arbitrary destination. Additionally, the attacker can insert newline characters into the Location header, prematurely terminating the HTTP headers and injecting an XSS payload into the response body.
Impact of vulnerability:
An attacker can leverage this vulnerability to construct malicious links that, when clicked, either redirect the victim to a website under the attacker’s control or execute JavaScript code within the victim’s browser.
Affected Software:
The following versions of Citrix ADC and Citrix Gateway are susceptible to this vulnerability:
Citrix ADC and Citrix Gateway 13.1 before 13.1-45.61 Citrix ADC and Citrix Gateway 13.0 before 13.0-90.11 Citrix ADC and Citrix Gateway 12.1 before 12.1-65.35 Citrix ADC 12.1-FIPS before 12.1-55.296 Citrix ADC 12.1-NDcPP before 12.1-55.296
Mitigation:
Follow the Citrix reference link to update to the latest versions that will fix the issue(s).
Would you also like to delete your Exploited in the Wild Report?
Delete Assessment Only Delete Assessment and Exploited in the Wild ReportGeneral Information
Vendors
- Citrix
Products
- Citrix ADC and Citrix Gateway
References
Additional Info
Technical Analysis
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
