CVE-2025-66391
HighCVSS 8.8Summary
In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, allowing an attacker to reset a user's password by sending a one-time password to an attacker-controlled email address.
Risk Assessment
The organization may be exposed to unauthorized changes to user accounts, leading to potential data loss and security breaches.
Recommendation
It is recommended to restrict access to password reset functions only to accounts with appropriate permissions and to monitor the activity of read-only accounts.
Original NVD description (English source)
In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, e.g., the system will send a one-time password to an attacker-controlled email address when the attacker attempts to reset the password of a user account.

