Cross-site Scripting Vulnerability in VMware vSphere Client
CVE-2012-1512

Currently unrated

Key Information:

Vendor
Vmware
Status
Vendor
CVE Published:
16 March 2012

Summary

A cross-site scripting vulnerability exists in the internal browser of VMware's vSphere Client, impacting versions prior to specified updates. This flaw allows remote attackers to inject malicious web scripts or HTML through crafted log-file entries, potentially compromising the security of users and systems interacting with the vSphere Client.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.