Signature update version 165
New signatures rules are generated for the vulnerabilities identified in the week 2025-11-26. You can download and configure these signature rules to protect your appliance from security vulnerable attacks.
Signature version
Signature version 165 applicable for Citrix ADC 12.1, Citrix ADC 13.0, NetScaler 13.1, NetScaler 14.1 platforms.
Note
Enabling Post body and Response body signature rules might affect NetScaler CPU.
Common Vulnerability Entry (CVE) insight
Following is a list of signature rules, CVE IDs, and its description.
| Signature rule | CVE ID | Description |
|---|---|---|
| 998202 | CVE-2025-56380 | WEB-MISC ERPNext and Frappe Framework - SQL Injection Vulnerability Via JSON Payload (CVE-2025-56380) |
| 998203 | CVE-2025-56380 | WEB-MISC ERPNext and Frappe Framework - SQL Injection Vulnerability Via fieldname (CVE-2025-56380) |
| 998204 | CVE-2025-56381 | WEB-MISC ERPNext and Frappe Framework - SQL Injection Vulnerability Via JSON Payload (CVE-2025-56381) |
| 998205 | CVE-2025-56381 | WEB-MISC ERPNext and Frappe Framework - SQL Injection Vulnerability Via group_by (CVE-2025-56381) |
| 998206 | CVE-2025-56381 | WEB-MISC ERPNext and Frappe Framework - SQL Injection Vulnerability Via order_by (CVE-2025-56381) |
| 998207 | CVE-2025-41243, CVE-2022-22947 | WEB-MISC Spring Cloud Gateway Server Multiple Versions - Environment Property Modification Vulnerability (CVE-2025-41243) |
| 998208 | CVE-2025-9152 | WEB-MISC WSO2 Multiple Products and Versions - Authentication Bypass Vulnerability (CVE-2025-9152) |
| 998209 | CVE-2025-53772 | WEB-MISC Microsoft Web Deploy - Unsafe Deserialization Vulnerability (CVE-2025-53772) |
| 998210 | CVE-2025-11833 | WEB-WORDPRESS POST SMTP Prior To 3.6.1 - Missing Authorization Vulnerability (CVE-2025-11833) |
Signature update version 165
Copied!
Failed!