cbcvebase.
CVE-2002-0504
published 2002-08-12

CVE-2002-0504: Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to…

PriorityP429high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
7.94%
94.0th percentile
Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp.

Affected

2 ranges
VendorProductVersion rangeFixed in
citrixnfuse<= 1.6
citrixnfuse
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.