CVE-2023-24488

The repository contains a Python script that checks for CVE-2023-24488, an open redirect and XSS vulnerability in Citrix Gateway. The script tests for the presence of an injected XSS payload in the response body and a 302 status code, indicating potential vulnerability.

The repository contains functional PoC code in Go and Python that demonstrates CVE-2023-24488, a reflected XSS vulnerability in Citrix Gateway and Citrix ADC. The exploit sends a crafted URL with a malicious script in the `post_logout_redirect_uri` parameter and checks for the presence of the script in the response.

This repository contains a Sigma rule for detecting exploitation attempts of CVE-2023-24488, a pre-auth XSS vulnerability in Citrix Gateway. The rule identifies malicious patterns in the `post_logout_redirect_uri` parameter but does not include functional exploit code.

The repository contains a Go-based tool that scans for CVE-2023-24488 by checking if a target URL is vulnerable to an open redirect and XSS attack via a crafted logout endpoint. It does not exploit the vulnerability but detects it by verifying the presence of a malicious script in the response.

This repository contains a Sigma rule for detecting exploitation attempts of CVE-2023-24488, a pre-auth XSS vulnerability in Citrix Gateway. The rule identifies malicious patterns in the `post_logout_redirect_uri` parameter.

The repository contains a functional Nuclei template for CVE-2023-24488, which exploits an XSS vulnerability in Citrix Gateway via a crafted `post_logout_redirect_uri` parameter. The template sends a malicious payload and checks for the reflected script in the response.

This repository contains a collection of methodologies and techniques for web application security testing, including XSS, SQL injection, open redirect, and reconnaissance strategies. It provides detailed technical guidance and tool usage examples but does not include functional exploit code for CVE-2023-24488.