漏洞信息详情
Citrix Metaframe XP跨站脚本漏洞
- CNNVD编号:CNNVD-200312-281
- 危害等级: 低危
- CVE编号: CVE-2003-1157
- 漏洞类型: 跨站脚本
- 发布时间: 2003-12-31
- 威胁类型: 远程
- 更新时间: 2009-09-19
- 厂 商: citrix
- 漏洞来源: The discovery of t...
漏洞简介
Citrix MetaFrame XP Server 1.0版本的login.asp存在跨站脚本(XSS)漏洞。远程攻击者借助NFuse_Message参数注入任意web脚本或者HTML。
漏洞公告
It has been reported that Citrix has addressed this issue in the latest Metaframe update, which is said to be available from the following URL. This has not been verified by Symantec. http://www.mycitrix.com
参考网址
http://www.osvdb.org/2762※http://www.securityfocus.com/archive/1/343040※http://www.securityfocus.com/bid/27948※http://www.securityfocus.com/bid/8939※http://xforce.iss.net/xforce/xfdb/13569※http://xforce.iss.net/xforce/xfdb/40782※http://secunia.com/advisories/10127※※http://www.citrix.com/※http://www.securityfocus.com/data/vulnerabilities/exploits/27948.HTML※
受影响实体
- Citrix Metaframe:1.0:Xp
补丁
暂无
评论