Citrix XenCenterWeb Multiple Input Validation Vulnerabilities
Citrix XenCenterWeb is prone to the following input-validation vulnerabilities:
- Multiple cross-site request-forgery vulnerabilities
- Multiple cross-site scripting vulnerabilities
- Multiple SQL-injection vulnerabilities
- A remote command-execution vulnerability
Exploiting these issues could allow an attacker to execute arbitrary code, perform unauthorized actions, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.