CVE-2025-12101

MEDIUM NUCLEI

NetScaler ADC/NetScaler Gateway - XSS

Title source: llm

Description

Cross-Site Scripting (XSS) in NetScaler ADC and NetScaler Gateway when the appliance is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Exploits (3)

github SCANNER 8 stars
by 7amzahard · python · poc
https://github.com/7amzahard/CVE-2025-21202-exploit
nomisec WORKING POC 3 stars
by 6h4ack · poc
https://github.com/6h4ack/CVE-2025-12101-checker
nomisec SCANNER
by boneys · poc
https://github.com/boneys/CVE-2025-12101-Scanner-PoC

Nuclei Templates (1)

Citrix NetScaler ADC & Gateway - Reflected XSS / Open Redirect
MEDIUM · VERIFIED · by DhiyaneshDK, watchtowr
Shodan: http.title:"citrix gateway"

Scores

CVSS v4 5.9
EPSS 0.0204
EPSS Percentile 83.9%
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L

Details

CWE
CWE-79
Status published
Products (8)
NetScaler/ADC 12.1-FIPS and NDcPP - 55.333
NetScaler/ADC 13.1 - 60.32
NetScaler/ADC 13.1-FIPS and NDcPP - 37.250
NetScaler/ADC 14.1 - 56.73
NetScaler/Gateway 12.1-FIPS and NDcPP - 55.333
NetScaler/Gateway 13.1 - 60.32
NetScaler/Gateway 13.1-FIPS and NDcPP - 37.250
NetScaler/Gateway 14.1 - 56.73
Published Nov 11, 2025
Tracked Since Feb 18, 2026