Cross-site scripting (XSS) vulnerability in the management interface for VMware ESX 2.5.x before 2.5.2 upgrade patch 2, 2.1.x before 2.1.2 upgrade patch 6, and 2.0.x before 2.0.1 upgrade patch 6 allows remote attackers to inject arbitrary web script or HTML via messages that are not sanitized when viewing syslog log files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Esx | Vmware | 2.0 | 2.0 |
Esx | Vmware | 2.0.1 | 2.0.1 |
Esx | Vmware | 2.1.1 | 2.1.1 |
Esx | Vmware | 2.1.2 | 2.1.2 |
Esx | Vmware | 2.5 | 2.5 |
Esx | Vmware | 2.5.2 | 2.5.2 |