CVE-2010-1137

Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5, and the Server Console in VMware Server 1.0, allows remote attackers to inject arbitrary web script or HTML via the name of a virtual machine.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:vmware:virtualcenter:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:virtualcenter:2.5:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:vmware:server:1.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:vmware:esx_server:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:esx_server:3.5:*:*:*:*:*:*:*

Information

Published : 2010-04-01 12:30

Updated : 2017-09-18 18:30


NVD link : CVE-2010-1137

Mitre link : CVE-2010-1137


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

vmware

  • esx_server
  • virtualcenter
  • server