← back
CVE-2002-0504

CVE-2002-0504

EPSS 7.9%
Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/21355unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2002-03/0334.htmlhttp://www.iss.net/security_center/static/8659.phphttp://www.securityfocus.com/bid/4372