HomePentest-Tools.com Logo

Citrix XenMobile XSS Vulnerability (CTX207499) CVE-2016-2789

Severity
CVSSv3 Score
6.1
Vulnerability description

Citrix XenMobile is prone to a cross-site scripting (XSS) vulnerability.

Risk description

This vulnerability could potentially be used to execute malicious client-side script in the same context as legitimate content from the web server, if this vulnerability is used to execute script in the browser of an authenticated administrator then the script may be able to gain access to the administrators session or other potentially sensitive information.

Recommendation

Update to version 10.3 Rolling Patch 1, 10.1 Rolling Patch 4 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Apr 7, 2016
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available