https://www.vmware.com/security/advisories/VMSA-2020-0008.html

The remote VMware ESXi host is version 6.5 or 6.7 and is affected by a cross-site scripting (XSS) vulnerability in virtual machine attributes due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker with access to modify the system properties of a virtual machine from inside the guest OS can exploit this, by inserting script-related HTML in the system properties and having a user view the system properties from the ESXi Host Client, to execute arbitrary script code in a user's ESXi Host Client session.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

a. VMware ESXi patches address Stored Cross-Site Scripting (XSS) vulnerability (CVE-2020-3955)

Description :
The VMware ESXi Host Client does not properly neutralize script-related HTML when viewing virtual machines attributes.

A malicious actor with access to modify the system properties of a virtual machine from inside the guest os (such as changing the hostname of the virtual machine) may be able to inject malicious script which will be executed by a victim's browser when viewing this virtual machine via the ESXi Host Client.

ID	Name	Product	Family	Severity
138475	ESXi 6.5 / 6.7 XSS (VMSA-2020-0008)	Nessus	Misc.	critical
136174	VMSA-2020-0008 : VMware ESXi patches address Stored Cross-Site Scripting (XSS) vulnerability	Nessus	VMware ESX Local Security Checks	critical

CVE-2020-3955

critical

Tenable Plugins

critical

critical