Skip to main content

Storefront Server

3 CVEs product

Monthly

CVE-2022-27503 MEDIUM PATCH This Month

Cross-site Scripting (XSS) vulnerability in Citrix StoreFront affects version 1912 before CU5 and version 3.12 before CU9. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Citrix Storefront Server
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2020-8200 MEDIUM This Month

Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Microsoft Authentication Bypass Storefront Server
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2019-13608 HIGH POC KEV THREAT This Week

Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Citrix Storefront Server
NVD
CVSS 3.1
7.5
EPSS
30.3%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Cross-site Scripting (XSS) vulnerability in Citrix StoreFront affects version 1912 before CU5 and version 3.12 before CU9. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Citrix Storefront Server
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Microsoft Authentication Bypass +1
NVD
EPSS 30% CVSS 7.5
HIGH POC KEV THREAT This Week

Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000) allows XXE attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Citrix Storefront Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy