This script is Copyright (C) 2017 Tenable Network Security, Inc.
A virtualization management application installed on the remote host
is affected by a stored cross-site scripting vulnerability.
The version of VMware vCenter Server installed on the remote host is
6.5.x prior to 6.5u1. It is, therefore, affected by a user-input
validation error related to the 'H5 Client' that allows stored
cross-site scripting (XSS) attacks.
See also :
Upgrade to VMware vCenter Server version 6.5.0u1 (6.5.0
build-5973321) or later. Alternatively, apply the vendor-supplied
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true