CVE-2023-24488

Summary

Cross site scripting vulnerability in Citrix ADC and Citrix Gateway  in allows and attacker to perform cross site scripting

Affected Software

VendorProductVersion RangeStatus
CitrixCitrix ADC and Citrix Gateway 13.1 < 13.1-45.61affected
CitrixCitrix ADC and Citrix Gateway 13.0 < 13.0-90.11 affected
CitrixCitrix ADC and Citrix Gateway 12.1 < 12.1-65.35affected
CitrixCitrix ADC and Citrix Gateway 12.1-FIPS < 12.1-55.296affected
CitrixCitrix ADC and Citrix Gateway 13.1-FIPS < 13.1-37.150affected
CitrixCitrix ADC and Citrix Gateway 12.1-NDcPP < 12.1-55.296affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References