Citrix NFuse 1.6 allows remote attackers to bypass authentication and obtain sensitive information by directly calling launch.asp with invalid NFUSE_USER and NFUSE_PASSWORD parameters.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Nfuse | Citrix | 1.6 | 1.6 |