XSS Vulnerability in WebAccess of VMware VirtualCenter and ESX
CVE-2009-2277

Currently unrated

Key Information:

Vendor
Vmware
Vendor
CVE Published:
1 April 2010

Summary

A cross-site scripting vulnerability exists in the WebAccess component of VMware VirtualCenter and ESX, allowing remote attackers to inject arbitrary web script or HTML into the affected systems. This vulnerability can be exploited through various vectors related to 'context data', posing significant security threats to users. When exploited, this XSS flaw can lead to unauthorized actions or data exposure, emphasizing the need for immediate attention and patching.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.