XSS Vulnerability in View Manager Portal in VMware Products
CVE-2012-1511

Currently unrated

Key Information:

Vendor: Vmware
Status: View
Vendor: CVE Published:; 16 March 2012

What is CVE-2012-1511?

The View Manager Portal in VMware View versions prior to 4.6.1 is susceptible to a cross-site scripting (XSS) vulnerability. This flaw allows attackers to exploit the system by injecting arbitrary web script or HTML through specially crafted URLs. Successful exploitation could lead to unauthorized actions being executed in the context of the victim's session, potentially compromising sensitive information and the overall integrity of the application.

References

http://www.securitytracker.com/id?1026814

vdb-entryx_refsource_SECTRACK

http://www.vmware.com/security/advisories/VMSA-2012-0004....

x_refsource_CONFIRM

http://osvdb.org/80118

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 16, 2012
Vulnerability Reserved
Mar 8, 2012

Vmware

What is CVE-2012-1511?

References

Timeline