漏洞信息详情
Citrix Metaframe XP跨站脚本漏洞
- CNNVD编号:CNNVD-200312-281
- 危害等级: 低危
- CVE编号: CVE-2003-1157
- 漏洞类型: 跨站脚本
- 发布时间: 2003-12-31
- 威胁类型: 远程
- 更新时间: 2009-09-19
- 厂 商: citrix
- 漏洞来源: The discovery of t...
漏洞简介
Citrix MetaFrame XP Server 1.0版本的login.asp存在跨站脚本(XSS)漏洞。远程攻击者借助NFuse_Message参数注入任意web脚本或者HTML。
漏洞公告
It has been reported that Citrix has addressed this issue in the latest Metaframe update, which is said to be available from the following URL. This has not been verified by Symantec. http://www.mycitrix.com
参考网址
http://www.osvdb.org/2762※http://www.securityfocus.com/archive/1/343040※http://www.securityfocus.com/bid/27948※http://www.securityfocus.com/bid/8939※http://xforce.iss.net/xforce/xfdb/13569※http://xforce.iss.net/xforce/xfdb/40782※http://secunia.com/advisories/10127※※http://www.citrix.com/※http://www.securityfocus.com/data/vulnerabilities/exploits/27948.HTML※
受影响实体
- Citrix Metaframe:1.0:Xp
补丁
暂无
特别声明
本站(ZONE.CI)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
评论