XSS Vulnerability in WebAccess of VMware VirtualCenter and ESX
CVE-2009-2277
Currently unrated
Summary
A cross-site scripting vulnerability exists in the WebAccess component of VMware VirtualCenter and ESX, allowing remote attackers to inject arbitrary web script or HTML into the affected systems. This vulnerability can be exploited through various vectors related to 'context data', posing significant security threats to users. When exploited, this XSS flaw can lead to unauthorized actions or data exposure, emphasizing the need for immediate attention and patching.
References
Timeline
Vulnerability published
Vulnerability Reserved