Vulnerabilities > Citrix > Netscaler Application Delivery Controller > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-07-19 CVE-2023-3466 Cross-site Scripting vulnerability in Citrix products
Reflected Cross-Site Scripting (XSS)
network
low complexity
citrix CWE-79
6.1
2017-08-02 CVE-2015-3642 Information Exposure vulnerability in Citrix products
The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.1 before Build 130.13, 10.1.e before Build 130.1302.e, 10.5 before Build 55.8, and 10.5.e before Build 55.8007.e makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE).
network
high complexity
citrix CWE-200
5.9