Research Notes
June 29, 2023

Advisory: Citrix Gateway Open Redirect and XSS (CVE-2023-24488)

No items found.
Creative Commons license


URL query parameters are not adequately sanitised before they are placed into an HTTP <span class="code_single-line">Location</span> header. An attacker can exploit this to create a link which, when clicked, redirects the victim to an arbitrary location. Alternatively the attacker can inject newline characters into the <span class="code_single-line">Location</span> header, to prematurely end the HTTP headers and inject an XSS payload into the response body.


An attacker can craft malicious links which, when clicked, either redirect the victim to an attacker controlled website or execute JavaScript in the victim’s browser.

Affected Software

The following versions are affected by this vulnerability:

  • Citrix ADC and Citrix Gateway 13.1 before 13.1-45.61
  • Citrix ADC and Citrix Gateway 13.0 before 13.0-90.11
  • Citrix ADC and Citrix Gateway 12.1 before 12.1-65.35
  • Citrix ADC 12.1-FIPS before 12.1-55.296
  • Citrix ADC 12.1-NDcPP before 12.1-55.296

Product Description

Citrix Gateway is a network appliance providing multiple functions including remote access VPN services.


Upgrade to the latest version of Citrix Gateway.

Citrix’s official advisory can be found here.

Blog Post

The blog post detailing the steps taken for the discovery of this vulnerability can be found here.


Dylan Pindur - Assetnote Security Research Team

Written by:
Dylan Pindur
Your subscription could not be saved. Please try again.
Your subscription has been successful.

Get updates on our research

Subscribe to our newsletter and stay updated on the newest research, security advisories, and more!

Ready to get started?

Get on a call with our team and learn how Assetnote can change the way you secure your attack surface. We'll set you up with a trial instance so you can see the impact for yourself.