CVSS: 9.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens, which allows attackers to bypass intended restrictions. This vulnerability is fixed in 1.5.2. • https://github.com/BudgetControl/Gateway/security/advisories/GHSA-jqx6-gm7f-vp7m • CWE-285: Improper Authorization •

CVSS: 7.5 • EPSS: 0% • CPEs: 9 • EXPL: 0

Arbitrary file read in Citrix ADC and Citrix Gateway • https://support.citrix.com/article/CTX477714/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202324487-cve202324488 • CWE-253: Incorrect Check of Function Return Value •

CVSS: 6.1 • EPSS: 7% • CPEs: 8 • EXPL: 5

Cross-site scripting vulnerability in Citrix ADC and Citrix Gateway allows an attacker to perform cross-site scripting. Citrix ADC and Gateway products are vulnerable to Cross-Site Scripting (XSS) attacks. • https://github.com/NSTCyber/CVE-2023-24488-SIEM-Sigma-Rule https://github.com/raytheon0x21/CVE-2023-24488 https://github.com/securitycipher/CVE-2023-24488 https://github.com/Abo5/CVE-2023-24488 https://github.com/SirBugs/CVE-2023-24488-PoC https://support.citrix.com/article/CTX477714/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202324487-cve202324488 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5 • EPSS: 0% • CPEs: 8 • EXPL: 0

Authenticated denial of service • https://support.citrix.com/article/CTX457048/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227507-and-cve202227508 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

Unauthenticated denial of service • https://support.citrix.com/article/CTX457048/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227507-and-cve202227508 • CWE-400: Uncontrolled Resource Consumption •