Back to search
CVE-2017-4926
Published: Sep 15, 2017
Modified: Sep 16, 2024
PUBLISHED
Description
VMware vCenter Server (6.5 prior to 6.5 U1) contains a vulnerability that may allow for stored cross-site scripting (XSS). An attacker with VC user privileges can inject malicious java-scripts which will get executed when other VC users access the page.
| Vendor | Product | Versions |
|---|---|---|
VMware | vCenter Server | affected 6.5 prior to 6.5 U1 |
References
1039364
vdb-entry
x_refsource_SECTRACK
https://www.vmware.com/security/advisories/VMSA-2017-0015.html
x_refsource_CONFIRM
100844
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now