CVE-2007-0011

CVE-2007-0011 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The web portal interface in Citrix Access Gateway (aka Citrix Advanced Access Control) before Advanced Edition 4.5 HF1 places a session ID in the URL, which allows context-dependent attackers to hijack sessions by reading "residual information", including the a referer log, browser history, or browser cache.

Learn more about our Web App Pen Testing.