Unrated severityNVD Advisory· Published Jul 16, 2014· Updated May 6, 2026
CVE-2014-4346
CVE-2014-4346
Description
Cross-site scripting (XSS) vulnerability in administration user interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway (formerly Access Gateway Enterprise Edition) 10.1 before 10.1-126.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected products
4- cpe:2.3:h:citrix:netscaler_access_gateway:-:-:enterprise:*:*:*:*:*
- cpe:2.3:h:citrix:netscaler_application_delivery_controller:-:*:*:*:*:*:*:*
- cpe:2.3:o:citrix:netscaler_access_gateway_firmware:10.1:*:*:*:*:*:*:*
- cpe:2.3:o:citrix:netscaler_application_delivery_controller_firmware:10.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- support.citrix.com/article/CTX140863nvdVendor Advisory
- seclists.org/fulldisclosure/2014/Jul/77nvd
- secunia.com/advisories/59942nvd
- www.securityfocus.com/archive/1/532802/100/0/threadednvd
- www.securityfocus.com/bid/68535nvd
- www.securitytracker.com/id/1030572nvd
- www.securitytracker.com/id/1030573nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/94493nvd
- www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140716-2_Citrix_NetScaler_Multiple_Vulnerabilities_v10.txtnvd
News mentions
0No linked articles in our index yet.