CVE-2015-6672
Citrix NetScaler ADC and Gateway - Cross-Site Scripting in Administrative Web Interface
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033618
Vendor Advisory x_refsource_confirm
http://support.citrix.com/article/CTX201334
Scores
EPSS
0.0029
EPSS Percentile
52.7%
Details
CWE
CWE-79
Status
published
Products (6)
citrix/netscaler_application_delivery_controller_firmware
10.1
citrix/netscaler_application_delivery_controller_firmware
10.5
citrix/netscaler_application_delivery_controller_firmware
10.5e
citrix/netscaler_gateway_firmware
10.1
citrix/netscaler_gateway_firmware
10.5
citrix/netscaler_gateway_firmware
10.5e
Published
Sep 17, 2015
Tracked Since
Feb 18, 2026