CVE-2023-5914
MEDIUM EXPLOITED NUCLEICitrix StoreFront < 1912 and < 2308.1 - Cross-Site Scripting
Title source: llmExploitation Summary
CVE-2023-5914 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
Cross-site scripting (XSS)
Nuclei Templates (1)
Citrix StoreFront - Cross-Site Scripting
MEDIUMby DhiyaneshDK
Shodan:
html:"/Citrix/StoreWeb" || http.html:"/citrix/storeweb"
FOFA:
body="/citrix/storeweb"
References (1)
Core 1
Core References
Scores
CVSS v3
5.4
EPSS
0.7314
EPSS Percentile
99.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
VulnCheck KEV
2024-05-08
CWE
CWE-79
Status
published
Products (3)
cloud/citrix_storefront
1912
cloud/citrix_storefront
< 1912
cloud/citrix_storefront
< 2308.1
Published
Jan 17, 2024
Tracked Since
Feb 18, 2026