CVE-2018-18517Cross-site Scripting in Citrix Netscaler Gateway Firmware

CWE-79Cross-site Scripting4 documents3 sources
Severity
4.8MEDIUMNVD
EPSS
0.4%
top 40.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Citrix Netscaler Gateway FirmwareCitrix ADMCitrix Hypervisor+6 more
Timeline
PublishedOct 24
Latest updateMay 14

Description

Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before 11.1.59.004, 12.0.x before 12.0.58.7, and 12.1.x before 12.1.49.1 has XSS.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:NExploitability: 1.7 | Impact: 2.7

Affected Packages9 packages

NVDcitrix/netscaler_gateway_firmware10.5.010.5.69.003+3

🔴Vulnerability Details

1
GHSA
GHSA-x523-f7ww-r66h: Citrix NetScaler Gateway 102022-05-14

📋Vendor Advisories

2
Citrix
CVE-2018-18517: Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before 11.1.59.004, 12.0.x before 12.0.58.7, and 12.1.x before 12.1.49.1 has XSS.2018-10-24
Citrix
Citrix Security Bulletin CTX239002