Security Advisory

CVE-2020-3975

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-08-21 17:54:24

Last updated 2024-08-04 07:52:20

Assigner vmware

State PUBLISHED

Description

VMware App Volumes 2.x prior to 2.18.6 and VMware App Volumes 4 prior to 2006 contain a Stored Cross-Site Scripting (XSS) vulnerability. A malicious actor with access to create and edit applications or create storage groups, may be able to inject malicious script which will be executed by a victims browser when viewing.

← Browse all CVEs View on cve.org ↗