Cross-site scripting (XSS) vulnerability in the login form in Citrix MetaFrame Secure Access Manager 2.0 through 2.2 and NFuse Elite 1.0 allows remote attackers to inject arbitrary web script or HTML via the username field.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:03
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/17819 - Patch, Vendor Advisory | |
References | () http://securitytracker.com/id?1015304 - | |
References | () http://securitytracker.com/id?1015305 - | |
References | () http://support.citrix.com/article/CTX108208 - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/15664 - Patch | |
References | () http://www.vupen.com/english/advisories/2005/2676 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/23396 - |
Information
Published : 2005-12-03 19:03
Updated : 2024-11-21 00:03
NVD link : CVE-2005-3971
Mitre link : CVE-2005-3971
CVE.ORG link : CVE-2005-3971
JSON object : View
Products Affected
citrix
- nfuse
- metaframe_secure_access_manager
CWE