An attacker may hijack form values in a NetScaler Gateway login form via cookie tampering resulting in stolen user credentials.
The following vulnerability has been addressed:
CVE-2016-4945: Login Form Hijacking vulnerability in Citrix NetScaler Gateway
These vulnerabilities affect the following versions of Citrix NetScaler Gateway:
- Version 11.0 earlier than 11.0 Build 66.11.
Versions 10.5, 10.5.e and 10.1 are unaffected by this vulnerability.