Cross-site scripting (XSS) vulnerability in the management interface for VMware ESX 2.5.x prior to 2.5.2 upgrade patch 2, 2.1.x prior to 2.1.2 upgrade patch 6, and 2.0.x prior to 2.0.1 upgrade patch 6 allows remote malicious users to inject arbitrary web script or HTML via messages that are not sanitized when viewing syslog log files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vmware esx 2.5 |
||
vmware esx 2.5.2 |
||
vmware esx 2.0.1 |
||
vmware esx 2.1.1 |
||
vmware esx 2.1.2 |
||
vmware esx 2.0 |