CVE-2018-6958

Summary

VMware vRealize Automation (vRA) prior to 7.3.1 contains a vulnerability that may allow for a DOM-based cross-site scripting (XSS) attack. Exploitation of this issue may lead to the compromise of the vRA user's workstation.

Affected Software

VendorProductVersion RangeStatus
VMwarevRealize Automationprior to 7.3.1affected

Weaknesses

  • DOM-based cross-site scripting (XSS) vulnerability

ADP Enrichment

CVE Program Container

Additional References

References