CVE-2023-6184

Published Jan 18, 2024

Last updated 10 months ago

CVSS high 7.2

Overview

Description: Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross Site Scripting
Source: secure@citrix.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.2
Impact score: 5.9
Exploitability score: 1.2
Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-79
secure@citrix.com: CWE-913

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:*:*:*:*:-:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "145B0427-AFE9-4C0E-AABB-A460F4D4A690",
            "versionEndIncluding": "2311"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:-:*:*:ltsr:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9330183-B04B-46F1-9DA6-5EAF216DFCC3"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu1:*:*:ltsr:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2486FD4-AF16-4F57-836A-42A2D11012C8"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu2:*:*:ltsr:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BF66372-CFDC-42DD-87FA-480DC0565977"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DE66CEF-6D57-429A-9776-E5ED73827A8F"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu3:*:*:ltsr:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE1E7523-EEB7-46CE-A01E-04FACB407395"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu4:*:*:ltsr:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B60552E-923B-4064-96D9-0F565C58695C"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu5:*:*:ltsr:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21EC9092-FCA9-41AA-9A9B-83D7E3DABB2E"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu6:*:*:ltsr:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5353646C-E3FB-4315-83C7-D6EEE258C964"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:1912:cu7:*:*:ltsr:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A7169FA-E416-436B-B9D1-6249E0E1BC16"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:2203:-:*:*:ltsr:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AE1E7FC-9E2C-45BC-9F12-43149210D261"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:2203:cu1:*:*:ltsr:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AEBE958-3A73-4F9D-932E-62495408A609"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:2203:cu2:*:*:ltsr:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBD9FA8E-333E-4231-9F7D-08A604D065AF"
          },
          {
            "criteria": "cpe:2.3:a:citrix:virtual_apps_and_desktops:2203:cu3:*:*:ltsr:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E928A6F-EEAF-4142-BA77-30845345C28D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References