
Offline gorkemdur

XSS on Netscaler Redirect Page
« on: November 29, 2011, 06:42:54 AM »
Hi all,

We use NetScaler as an application firewall. Our scanning tool finds XSS vulnerabilities on the pages that require authentication. When I checked the scan results I found that the vulnerability is not in the web application itself. Instead, it is on a NetScaler page which is displayed temporarily to redirect a request to the login page. You may find two response examples below. Is there a workaround for this issue? Where can I find this page to work on it? (On which path in the NetScaler installation?)
GET /no5_such3_file7.cgi?"><script>alert(73541);</script> HTTP/1.1
Host: xxxxxxxxxxxxxxxx
Connection: Keep-Alive
<html><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8"><script type="text/javascript"
src="/vpn/resources.js"></script><script type="text/javascript" language="javascript">var Resources = new
ResourceManager("/vpn/resources/{lang}", "AAATM_REDIRECT_FORM");</script><style type="text/css">body{ visibility:
hidden;}</style></head><body onLoad='document.forms[0].submit();'><form action="xxxxxxxxxxxxxxxx/cgi/tm" method="post"><input
type=hidden name=loc value="xxxxxxxxxxxxxxxx/no5_such3_file7.cgi?"><script>alert(73541);</script>"><span id="If you are not automatically
redirected click "></span><input id="Continue" type="submit" value="Continue"><span id="Trailing phrase after Continue
button"></span></form><script type="text/javascript" language="javascript">Resources.Load();</script></body></html>
« Last Edit: November 30, 2011, 07:49:24 AM by gorkemdur »
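The response above shows the requested path dropped verbatim into the hidden `loc` attribute of the redirect form, so a `"` in the URL closes the attribute. The following is an added example, not NetScaler's own code: it rebuilds a minimal version of that form both without and with HTML attribute encoding, and includes a small check a defender can run against a captured response. The host name and the form template are constructed for illustration; the payload mirrors the one in the post.

```python
import html
import re

# Constructed host placeholder (the post masks the real one with x's).
HOST = "https://gateway.example.invalid"
# Payload as used by the scanner in the post.
PAYLOAD = '"><script>alert(73541);</script>'
REQUEST_PATH = "/no5_such3_file7.cgi?" + PAYLOAD

# Simplified stand-in for the AAATM redirect form (not the vendor template).
FORM_TEMPLATE = (
    '<form action="{action}" method="post">'
    '<input type="hidden" name="loc" value="{loc}">'
    '<input id="Continue" type="submit" value="Continue">'
    "</form>"
)


def build_redirect_form(host, path, escape):
    """Render the interstitial redirect form.

    escape=False reproduces the behaviour in the post: the requested path
    lands in the value attribute untouched. escape=True applies HTML
    attribute encoding (quotes included), which keeps the browser inside
    the attribute no matter what the URL contains.
    """
    loc = host + path
    if escape:
        loc = html.escape(loc, quote=True)
    return FORM_TEMPLATE.format(action=host + "/cgi/tm", loc=loc)


def reflects_script(page, marker="<script>alert("):
    """Detection check for a captured response: look for the injected
    marker rather than any <script>, because the legitimate page also
    loads /vpn/resources.js through a script tag."""
    return marker in page


def hidden_value(page):
    """Return the loc value as a browser parses it: the attribute ends at
    the first raw double quote, then entities are decoded."""
    m = re.search(r'name="loc" value="([^"]*)"', page)
    return html.unescape(m.group(1)) if m else None
```

Run `build_redirect_form(HOST, REQUEST_PATH, escape=False)` and `hidden_value` on the result to see the attribute truncated at the injected quote; with `escape=True` the full URL survives intact and no script element is emitted.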