A recently disclosed critical flaw in Citrix NetScaler ADC and Gateway devices is being exploited by threat actors to conduct a credential harvesting campaign.
IBM X-Force, which uncovered the activity last month,Β saidΒ adversaries exploited "CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user
Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution.
Tracked asΒ CVE-2023-23383Β (CVSS score: 8.2), the issue has been dubbed "Super FabriXss" by Orca Security, a nod to theΒ FabriXss flawΒ (CVE-2022-35829, CVSS score: 6.2) that was fixed by Microsoft in October 2022.
"The Super FabriXss vulnerability
Login
FreshRSS