2 matches found
VMware vRealize Automation 6.x < 6.2.4 Unspecified Stored XSS (VMSA-2016-0003)
The VMware vRealize Automation application running on the remote host is 6.x prior to 6.2.4. It is, therefore, affected by an unspecified stored cross-site scripting vulnerability due to improper validation of user-supplied input. A remote attacker can exploit this by convincing a user to follow ...
CVE-2015-2344
VMware vRealize Automation 6.x is affected by a stored XSS vulnerability (CVE-2015-2344) in which improper input validation allows injected scripts via unspecified vectors. The issue affects 6.x releases prior to 6.2.4 on Linux and can be triggered by a crafted request, potentially compromising a...