Vulnerabilities

CVE-2007-0011

by Fred · 05/11/2007

The web portal interface in Citrix Access Gateway (aka Citrix Advanced Access Control) before Advanced Edition 4.5 HF1 places a session ID in the URL, which allows context-dependent attackers to hijack sessions by reading "residual information", including the a referer log, browser history, or browser cache.

Date published : 2007-11-05

http://www.securityfocus.com/bid/24975

http://www.securityfocus.com/archive/1/482626/100/100/threaded

Related

Tags: Cybersecurity Alert