5 matches found
CVE-2016-2078
Cross-site scripting XSS vulnerability in the Web Client in VMware vCenter Server 5.1 before update 3d, 5.5 before update 3d, and 6.0 before update 2 on Windows allows remote attackers to inject arbitrary web script or HTML via the flashvars parameter...
CVE-2016-2078
The CVE-2016-2078 issue is a reflected cross-site scripting (XSS) vulnerability in the VMware vSphere Web Client of vCenter Server. It affects vCenter Server 6.0 up to before 6.0 update 2, 5.5 up to before 5.5 update 3d, and 5.1 up to before 5.1 update 3d, on Windows (and associated vSphere Web C...
CVE-2016-2078
Cross-site scripting XSS vulnerability in the Web Client in VMware vCenter Server 5.1 before update 3d, 5.5 before update 3d, and 6.0 before update 2 on Windows allows remote attackers to inject arbitrary web script or HTML via the flashvars parameter...
VMWare vSphere Web Client 6.0 Cross Site Scripting
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/VMWARE-VSPHERE-FLASH-XSS.txt + ISR: apparitionsec Vendor: =============== www.vmware.com Product: ==================================== VMWare vSphere Web Client v5.1 - 6.0 A...
VMSA-2016-0006:VMware vCenter Server updates address an HIGH cross-site scripting issue
VMSA-2016-0006 VMware vCenter Server updates address an important cross-site scripting issue. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0006 VMware Security Advisory Synopsis: VMware vCenter Server updates address an important cross-site scripting issue VMware...