CVE-2012-1511

Vmware View < 4.6.0 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

References (7)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html

[Vendor Advisory] http://www.vmware.com/security/advisories/VMSA-2012-0004.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/52526

[Third Party Advisory, VDB Entry] http://osvdb.org/80118

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16664

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1026814

[Third Party Advisory] http://secunia.com/advisories/48379

Scores

EPSS 0.0029

EPSS Percentile 52.5%

Classification

CWE

CWE-79

Status published

Affected Products (2)

vmware/view < 4.6.0

n/a/n/a

Timeline

Published Mar 16, 2012

Tracked Since Feb 18, 2026