Arbitrary Web Script Injection in Citrix MetaFrame Secure Access Manager and NFuse Elite Login Form

Arbitrary Web Script Injection in Citrix MetaFrame Secure Access Manager and NFuse Elite Login Form

CVE-2005-3971 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the login form in Citrix MetaFrame Secure Access Manager 2.0 through 2.2 and NFuse Elite 1.0 allows remote attackers to inject arbitrary web script or HTML via the username field.

Learn more about our Web App Pen Testing.