CVE-2014-4346
published 2014-07-16CVE-2014-4346: Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway…
PriorityP420medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.68%
74.1th percentile
Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_access_gateway_firmware | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_adc_gateway | — | — |
| citrix | netscaler_application_delivery_controller_firmware | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenserver | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rf98-23w8-rpx5: Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gate
ghsa_unreviewed·2022-05-14
CVE-2014-4346 [MEDIUM] CWE-79 GHSA-rf98-23w8-rpx5: Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gate
Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Citrix
CVE-2014-4346: Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gate
vendor_citrix·2014-07-16·CVSS 4.3
CVE-2014-4346 [MEDIUM] CWE-79 CVE-2014-4346: Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gate
CVE-2014-4346: Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Citrix
Citrix Security Bulletin CTX140863
vendor_citrix·CVSS 4.3
CVE-2014-4346 [MEDIUM] Citrix Security Bulletin CTX140863
Citrix Security Bulletin CTX140863
CVE References: CVE-2014-4346, CVE-2014-4347, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://seclists.org/fulldisclosure/2014/Jul/77http://secunia.com/advisories/59942http://support.citrix.com/article/CTX140863http://www.securityfocus.com/archive/1/532802/100/0/threadedhttp://www.securityfocus.com/bid/68535http://www.securitytracker.com/id/1030572http://www.securitytracker.com/id/1030573https://exchange.xforce.ibmcloud.com/vulnerabilities/94493https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txthttp://seclists.org/fulldisclosure/2014/Jul/77http://secunia.com/advisories/59942http://support.citrix.com/article/CTX140863http://www.securityfocus.com/archive/1/532802/100/0/threadedhttp://www.securityfocus.com/bid/68535http://www.securitytracker.com/id/1030572http://www.securitytracker.com/id/1030573https://exchange.xforce.ibmcloud.com/vulnerabilities/94493https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txt
2014-07-16
Published