Description

The Citrix Gateway is vulnerable to Open Redirect and XSS (cross-site scripting). The value of the post_logout_redirect_uri query parameter is not properly sanitized before being placed into an HTTP Location header. Attackers can exploit this flaw to create a malicious link which redirects the victim to an arbitrary location or prematurely ends the HTTP headers to inject an XSS payload into the response body.

Remediation

Users are advised to update their Citrix Gateway to the latest version, as the versions Citrix ADC and Citrix Gateway 13.1 before 13.1-45.61, Citrix ADC and Citrix Gateway 13.0 before 13.0-90.11, Citrix ADC and Citrix Gateway 12.1 before 12.1-65.35, Citrix ADC 12.1-FIPS before 12.1-55.296, and Citrix ADC 12.1-NDcPP before 12.1-55.296 are known to be affected. Please refer to Citrix's official advisory for more information and support.

References

Citrix ADC and Citrix Gateway Security Bulletin for CVE-2023-24487, CVE-2023-24488

Advisory: Citrix Gateway Open Redirect and XSS (CVE-2023-24488)

Related Vulnerabilities

WordPress Plugin Advanced Custom Fields:Table Field Cross-Site Scripting (1.1.12)

WordPress Plugin WP Sitemap Page Cross-Site Scripting (1.6.6)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.0.17)

WordPress Plugin LinkedIn by BestWebSoft Cross-Site Scripting (1.0.4)

WordPress Plugin Subscriber by BestWebSoft Cross-Site Scripting (1.3.4)

Severity

High

Classification

CWE-79 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Tags

Url Redirection XSS Citrix Gateway Open Redirect and XSS