CVE-2023-5914

Summary

  Cross-site scripting (XSS)

Affected Software

VendorProductVersion RangeStatus
Cloud Software GroupCitrix StoreFront2308 Current Release < 1affected
Cloud Software GroupCitrix StoreFront2311 Current Release < 0affected
Cloud Software GroupCitrix StoreFront1912 LTSR < CU8 hotfix 3.22.8001.2affected
Cloud Software GroupCitrix StoreFront2203 LTSR < CU4 Update 1affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References