Description
Cross-site scripting (XSS) vulnerability in Citrix NetScaler Gateway (formerly Citrix Access Gateway Enterprise Edition) 9.x before 9.3.66.5 and 10.x before 10.1.123.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030186
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/67177
Vendor Advisory x_refsource_confirm
https://support.citrix.com/article/CTX140291
Scores
EPSS
0.0038
EPSS Percentile
59.7%
Details
CWE
CWE-79
Status
published
Products (7)
citrix/netscaler_access_gateway
citrix/netscaler_access_gateway_firmware
9.3
citrix/netscaler_access_gateway_firmware
9.3.61.5
citrix/netscaler_access_gateway_firmware
9.3.62.4
citrix/netscaler_access_gateway_firmware
10.0
citrix/netscaler_access_gateway_firmware
10.0.74.4
citrix/netscaler_access_gateway_firmware
10.1
Published
May 02, 2014
Tracked Since
Feb 18, 2026