mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-03 12:58:02 +02:00
0xMarcio
1.5 KiB
1.5 KiB
CVE-2020-8300
&color=brightgreen)
Description
Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper access control allowing SAML authentication hijack through a phishing attack to steal a valid user session. Note that Citrix ADC or Citrix Gateway must be configured as a SAML SP or a SAML IdP for this to be possible.
POC
Reference
No PoCs from references.
Github
- https://github.com/20142995/nuclei-templates
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Live-Hack-CVE/CVE-2020-8300
- https://github.com/cyb3r-w0lf/nuclei-template-collection
- https://github.com/n0-traces/cve_monitor
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/soosmile/POC
- https://github.com/stuartcarroll/CitrixADC-CVE-2020-8300