Vulnerabilities > Citrix > Nfuse > 1.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-08-12 | CVE-2002-0504 | Cross-Site Scripting vulnerability in Citrix Nfuse 1.5/1.51/1.6 Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp. | 7.5 |
2002-08-12 | CVE-2002-0502 | Unspecified vulnerability in Citrix Nfuse 1.6 Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page. | 5.0 |
2002-05-31 | CVE-2002-0301 | Information Disclosure vulnerability in Citrix Nfuse 1.6 Citrix NFuse 1.6 allows remote attackers to bypass authentication and obtain sensitive information by directly calling launch.asp with invalid NFUSE_USER and NFUSE_PASSWORD parameters. | 5.0 |