Cross-Site Scripting Vulnerability Discovered In Citrix NetScaler ADC And Gateway

By cyberpress.org
Publication Date:

Cloud Software Group has disclosed a serious cross-site scripting vulnerability affecting thousands of organizations worldwide.

CVE-2025-12101 affects NetScaler ADC and NetScaler Gateway platforms, exposing enterprises to session hijacking, credential theft, and the potential deployment of malware.

Security researchers discovered the flaw was already being weaponized in real-world attacks targeting vulnerable configurations.

The vulnerability enables attackers to inject malicious scripts into web pages served by affected NetScaler instances.

Once successfully exploited, threat actors can execute arbitrary code directly within users’ browsers, creating a direct pathway to sensitive corporate environments.

Organizations relying on these appliances for authentication and secure remote access face substantial risk, particularly those managing hybrid or on-premises deployments.

Multiple NetScaler versions remain vulnerable, creating a fragmented security…

Facebook
Twitter
Pinterest
LinkedIn
Digg
Tumblr
Reddit
Buffer
Blogger
Newsvine
HackerNews
Flipboard
Share
LiveJournal
Yammer
Mix
Instapaper
Copy Link
Mastodon

Related Posts