CVE-2005-3971 Information

Description

Cross-site scripting (XSS) vulnerability in the login form in Citrix MetaFrame Secure Access Manager 2.0 through 2.2 and NFuse Elite 1.0 allows remote attackers to inject arbitrary web script or HTML via the username field.

Reference

http://secunia.com/advisories/17819 http://securitytracker.com/id?1015304 http://securitytracker.com/id?1015305 http://support.citrix.com/article/CTX108208 http://www.securityfocus.com/bid/15664 http://www.vupen.com/english/advisories/2005/2676 https://exchange.xforce.ibmcloud.com/vulnerabilities/23396