GHSA-gpmq-7782-jmhqHighCVSS 8.8

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of...

Published
June 17, 2026
Last Modified
June 17, 2026

🔗 CVE IDs covered (1)

📋 Description

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, e.g., the system will send a one-time password to an attacker-controlled email address when the attacker attempts to reset the password of a user account.

🔗 References (4)