Citrix XenApp and XenDesktop XML Service Interface Remote Code Execution Vulnerability
Citrix XenApp and XenDesktop are prone to a remote code-execution vulnerability.
An attacker can exploit this vulnerability to execute arbitrary code in the context of a service account on the vulnerable server.
The following products are affected:
XenApp version 6 and prior versions
XenApp Fundamentals version 6 and prior versions
XenDesktop 4 with Feature Packs 1
XenDesktop 4 with Feature Packs 2