CVE-2023-24488 PoC — Citrix Systems Citrix Gateway和Citrix ADC 跨站脚本漏洞

Source

https://github.com/NSTCyber/CVE-2023-24488-SIEM-Sigma-Rule

Associated Vulnerability

Title:Citrix Systems Citrix Gateway和Citrix ADC 跨站脚本漏洞 (CVE-2023-24488)
Description:Citrix Systems Citrix Gateway（Citrix Systems NetScaler Gateway）和Citrix ADC都是美国思杰系统（Citrix Systems）公司的产品。Citrix Gateway是一套安全的远程接入解决方案。该产品可为管理员提供应用级和数据级管控功能，以实现用户从任何地点远程访问应用和数据。Citrix ADC是一个最全面的应用程序交付和负载平衡解决方案。用于实现应用程序安全性、整体可见性和可用性。 Citrix ADC 和 Citrix Gate

Description

Detect CVE-2023-24488 Exploitation Attempts

Readme

# Sigma Rule: Detection of Pre-Auth XSS CVE-2023-24488

Detect  Citrix Gateway  Pre-Auth XSS CVE-2023-24488  vulnerability exploitation attempts.
This Sigma rule looks for  XSS attack patterns in the `post_logout_redirect_uri` query parameter.


## Rule Description

The provided Sigma rule is designed to identify potential XSS attacks targeting the `post_logout_redirect_uri` parameter. It uses a regular expression pattern to match specific payloads commonly associated with XSS attacks.

## Usage

To utilize this Sigma rule,  You can import this rule into your SIEM platform to enhance your detection capabilities for Pre-Auth XSS CVE-2023-24488.

## Contribution

Contributions, bug reports, and suggestions are welcome! Feel free to open issues or submit pull requests to enhance the rule.

File Snapshot


 [4.0K]  /data/pocs/f761076694f67677c9cfc48599c15e61dbd04257
├── [ 682]  CVE-2023-24488.yml
└── [ 800]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!