2009-07-06
Secure Network releases the security advisory SN-09-01 for multiple vulnerabilities found in Citrix XenCenterWeb.
SN-09-01: Because of poor validation of some user controlled inputs, a variety of attacks against the application and the underlying server are possible. Cross-site scripting, cross-site request forgery, SQL injection and remote command execution attack vectors were identified as well.