- Description
- VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability. A malicious actor with non-administrative privileges may be able to inject a malicious script that (can perform stored cross-site scripting) may lead to arbitrary operations as admin user.
- Source
- security@vmware.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 6.8
- Impact score
- 5.9
- Exploitability score
- 0.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
- Hype score
- Not currently trending
”VMware製品の資格情報を読み取ることができる情報漏洩の脆弱性「CVE-2025-22218」や、管理者ユーザーとして任意の操作を実行できるクロスサイトスクリプティング(XSS)の脆弱性「CVE-2025-22219」が判明” https://t.co/zND4gKUC6U
@NSaito_tokyo
3 Feb 2025
12 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-22219 VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability. A malicious actor with non-administrative privileges may be able to inject a mal… https://t.co/uB58hUZKqc
@CVEnew
30 Jan 2025
317 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes