CVE-2021-22016

Summary

The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link.

Affected Software

VendorProductVersion RangeStatus
n/aVMware vCenter Server, VMware Cloud FoundationVMware vCenter Server 6.7 before 6.7 U3o and VMware Cloud Foundation 3.x before 3.10.2.2affected

Weaknesses

  • Reflected XSS vulnerability

ADP Enrichment

CVE Program Container

Additional References

References