CVE-2012-1512
Vmware Vsphere < 4.1 - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in the internal browser in vSphere Client in VMware vSphere 4.1 before Update 2 and 5.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via a crafted log-file entry.
References (6)
Scores
EPSS
0.0070
EPSS Percentile
71.8%
Classification
CWE
CWE-79
Status
published
Affected Products (3)
vmware/vsphere
< 4.1
vmware/vsphere
< 5.0
n/a/n/a
Timeline
Published
Mar 16, 2012
Tracked Since
Feb 18, 2026