An XML External Entity (XXE) processing vulnerability has been identified in Citrix XenMobile Server that could allow an unauthenticated attacker to retrieve potentially sensitive information from the server.
This vulnerability has been assigned the following CVE number:
- CVE-2017-9231: XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server.
This vulnerability affects the following Citrix XenMobile Server versions:
- Citrix XenMobile Server 10.x earlier than 10.5 RP3
All versions of Citrix XenMobile App Controller 9.x