VMware App Volumes 2.x before 2.18.6 and VMware App Volumes 4 before 2006 contain a Stored Cross-Site Scripting (XSS) vulnerability. A malicious actor with access to create and edit applications or create storage groups, may be able to inject malicious script which will be executed by a victim's browser when viewing.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vmware app volumes |