Page 4 of 25 results (0.034 seconds)

CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0

There are Unauthenticated File Upload Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. Hay vulnerabilidades de subida de archivos sin autenticar en Citrix XenMobile Server, en versiones 10.8 anteriores a la RP2 y 10.7 anteriores a la RP3. • https://support.citrix.com/article/CTX234879 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3. Hay una vulnerabilidad de fuga de información sensible en Citrix XenMobile Server, en versiones 10.7 anteriores a la RP3. • https://support.citrix.com/article/CTX234879 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 1

There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. Hay una vulnerabilidad de procesamiento de XEE (XML External Entity) en Citrix XenMobile Server, en versiones 10.8 anteriores a la RP2 y 10.7 anteriores a la RP3. Citrix XenMobile Server version 10.8 suffers from an XML external entity injection vulnerability. • https://www.exploit-db.com/exploits/47951 http://packetstormsecurity.com/files/156037/Citrix-XenMobile-Server-10.8-XML-Injection.html https://support.citrix.com/article/CTX234879 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0

There is a Cross-Site Scripting Vulnerability in Citrix XenMobile Server 10.7 before RP3. Hay una vulnerabilidad de Cross-Site Scripting (XSS) en Citrix XenMobile Server, en versiones 10.7 anteriores a la RP3. • https://support.citrix.com/article/CTX234879 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

XML external entity (XXE) vulnerability in Citrix XenMobile Server 9.x and 10.x before 10.5 RP3 allows attackers to obtain sensitive information via unspecified vectors. Una vulnerabilidad de tipo XML external entity (XXE) en Citrix XenMobile Server versión 9.x y versión 10.x anterior a 10.5 RP3, permite a los atacantes obtener información confidencial por medio de vectores no especificados. • http://www.securityfocus.com/bid/98995 http://www.securitytracker.com/id/1038704 https://support.citrix.com/article/CTX220138 • CWE-611: Improper Restriction of XML External Entity Reference •