CVE-2015-6931

Cross-site scripting (XSS) vulnerability in the vSphere Web Client in VMware vCenter Server 5.0 before U3g, 5.1 before U3d, and 5.5 before U2d allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:vmware:vcenter_server:5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:5.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:5.5:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-07-03 01:59

Updated : 2024-02-04 18:53


NVD link : CVE-2015-6931

Mitre link : CVE-2015-6931

CVE.ORG link : CVE-2015-6931


JSON object : View

Products Affected

vmware

  • vcenter_server
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')