CVE-2023-20868

6.1MEDIUM

Key Information

Vendor: Vmware
Status: NSX-T
Vendor: CVE Published:; 26 May 2023

Summary

NSX-T contains a reflected cross-site scripting vulnerability due to a lack of input validation. A remote attacker can inject HTML or JavaScript to redirect to malicious pages.

Affected Version(s)

NSX-T = NSX-T 3.2.x VCF 4.5.x

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published.
May 26, 2023
Vulnerability Reserved.
Nov 1, 2022

Collectors

NVD DatabaseMitre Database