Cross-site Scripting Vulnerability in VMware VirtualCenter and ESX Products
CVE-2010-1137
Currently unrated
Summary
A cross-site scripting (XSS) vulnerability exists in VMware's WebAccess, affecting specific versions of VMware VirtualCenter and ESX. This flaw enables remote attackers to inject arbitrary web scripts or HTML via manipulating the name of a virtual machine. By exploiting this vulnerability, attackers may execute malicious scripts in the context of the user, potentially compromising sensitive data and user interactions.
References
Timeline
Vulnerability published
Vulnerability Reserved