Signatures Alert Articles

Signature update version 27

September 21, 2020

Contributed by:

New signatures rules are generated for the vulnerabilities identified in version 27. You can download and configure these signature rules to protect your appliance from security vulnerable attacks. The signature update includes the signature ID, signature version, and list of CVEs addressed.

Signature version

Signature version 27 applicable to NetScaler VPX 11.1, NetScaler 12.0, and Citrix ADC 12.1 platforms.

Common Vulnerability Entry (CVE) insight

Following is a list of signature rules, CVE IDs, and its description.

Signature rule	CVE ID	Description
999921	cve-2018-1002000	WEB-MISCWordpress Arigato Autoresponder and Newsletter SQL Injection vulnerability.
999920		WEB-MISCWordPress Plugin Corner Ad 1.0.7 - Stored Cross-Site Scripting
999919	cve-2018-1002009	WEB-MISCWordpress Arigato Autoresponder and Newsletter bft_unsubscribe XSS vulnerability.
999918	cve-2018-1002002	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999918	cve-2018-1002003	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999918	cve-2018-1002004	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999918	cve-2018-1002005	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999918	cve-2018-1002006	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999918	cve-2018-1002007	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999917	cve-2018-1002001	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999917	cve-2018-1002008	WEB-MISCWordpress Arigato Autoresponder and Newsletter multiple XSS vulnerability.
999916	cve-2018-8719	WEB-MISCWordPress Plugin WP Security Audit Log - wp-content/uploads/wp-security-audit-log/* unrestricted access
999915	cve-2019-7743	WEB-MISC- Joomla phar:// stream wrapper object injection vulnerability execution of uploaded non-phar files
999914		WEB-MISCWordpress plugin E-mail Subscribers and Newsletters 3.4.7 information disclosure vulnerability
999913		WEB-MISCWordPress Plugin AD Manager WD v1.0.11 - wd_ads_admin_class.php Arbitrary File Download
999912		WEB-IISMicrosoft IIS - Short File/Folder Name Disclosure

The official version of this content is in English. Some of the Citrix documentation content is machine translated for your convenience only. Citrix has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Citrix product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Citrix, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Citrix will not be held responsible for any damage or issues that may arise from using machine-translated content.

Signature update version 27

September 21, 2020

Contributed by:

September 21, 2020

Contributed by:

Signature update version 27

Signature version

Common Vulnerability Entry (CVE) insight

Signature update version 27

In this article