VMware vCenter Server Appliance Unspecified XSS (VMSA-2014-0012)
Medium Nessus Plugin ID 79863
SynopsisThe remote host has a virtualization appliance installed that is affected by a cross-site scripting vulnerability.
DescriptionThe version of VMware vCenter Server Appliance installed on the remote host is 5.1 prior to Update 3. It is, therefore, affected by an unspecified cross-site scripting vulnerability. A remote attacker can exploit this by means of a specially crafted URL or malicious web page, which can result in the execution of arbitrary script code.
SolutionUpgrade to VMware vCenter Server Appliance 5.1 Update 3 or later.