Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:39 p.m.10 views

CVE-2020-3955

ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base sco...

9.3CVSS6.8AI score0.01309EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/04/30 12:0 a.m.115 views

VMSA-2020-0008 : VMware ESXi patches address Stored Cross-Site Scripting (XSS) vulnerability

a. VMware ESXi patches address Stored Cross-Site Scripting XSS vulnerability CVE-2020-3955 Description : The VMware ESXi Host Client does not properly neutralize script-related HTML when viewing virtual machines attributes. A malicious actor with access to modify the system properties of a virtua...

9.3CVSS8.2AI score0.01309EPSS
Exploits0References2
NVD
NVD
added 2020/04/29 3:15 a.m.19 views

CVE-2020-3955

ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base sco...

9.3CVSS9.3AI score0.01309EPSS
Exploits0References1
CVE
CVE
added 2020/04/29 2:14 a.m.196 views

CVE-2020-3955

CVE-2020-3955 affects VMware ESXi 6.5 and 6.7 via a stored XSS in the ESXi Host Client when viewing virtual machine attributes. The underlying issue is improper neutralization of script-related HTML, allowing an authenticated attacker who can modify VM properties (e.g., hostname) to inject script...

9.3CVSS9.1AI score0.01309EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder