CVE-2017-4940

2017-12-20T15:29:00
ID CVE-2017-4940
Type cve
Reporter cve@mitre.org
Modified 2018-01-08T23:47:00

Description

The ESXi Host Client in VMware ESXi (6.5 before ESXi650-201712103-SG, 5.5 before ESXi600-201711103-SG and 5.5 before ESXi550-201709102-SG) contains a vulnerability that may allow for stored cross-site scripting (XSS). An attacker can exploit this vulnerability by injecting Javascript, which might get executed when other users access the Host Client.