PROBLEM:
VMware vCenter Operations Cross-Site Scripting Vulnerability
PLATFORM:
VMware vCenter Operations 1.x
ABSTRACT:
A vulnerability has been reported in VMware vCenter Operations, which can be exploited by malicious people to conduct cross-site scripting attacks.
reference LINKS:
Original Advisory
Secunia Advisory SA50795
CVE-2012-5050
IMPACT ASSESSMENT:
Medium
Discussion:
Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Impact:
A vulnerability in VMware vCenter Operations, which can be exploited to conduct cross-site scripting attacks.
Solution:
Upgrade to version 5.0.x.