Cross-site scripting (XSS) vulnerability in the on-line help feature in Citrix Web Interface 2.0 and earlier, and NFuse, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
https://exchange.xforce.ibmcloud.com/vulnerabilities/39123
http://www.vupen.com/english/advisories/2007/4254
http://www.securitytracker.com/id?1019132
http://www.securityfocus.com/bid/26933