VMware ESX WebWorks Help Multiple XSS (VMSA-2009-0017) (remote check)
Medium Nessus Plugin ID 89118
SynopsisThe remote host is missing a security-related patch.
DescriptionThe remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple cross-site scripting (XSS) vulnerabilities in WebWorks Help due to improper sanitization of user-supplied input to unspecified parameters or to messages used in topic links. A remote attacker can exploit these to inject arbitrary script code or HTML into the user's browser session.
SolutionApply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0.