from CTX127541:

A cross-site scripting vulnerability has been identified in specific versions of Citrix Web Interface.

This vulnerability could potentially be used to execute malicious client-side script in the same context as legitimate content from the web server; if this vulnerability is used to execute script in the browser of an authenticated user then the script may be able to gain access to the authenticated user’s session or other potentially sensitive information.

This vulnerability affects all version 5.x Citrix Web Interface installations up to and including version 5.3.

So you should consider upgrading to version 5.4 which has a new look (again):