CVE-2012-1511: XSS
First published: Fri Mar 16 2012(Updated: )
Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware View | <=4.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://archives.neohapsis.com/archives/bugtraq/2012-03/0071.html
- http://osvdb.org/80118
- http://secunia.com/advisories/48379
- http://www.securityfocus.com/bid/52526
- http://www.securitytracker.com/id?1026814
- http://www.vmware.com/security/advisories/VMSA-2012-0004.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16664
Frequently Asked Questions
What is the severity of CVE-2012-1511?
CVE-2012-1511 has been classified as a medium severity vulnerability.
How do I fix CVE-2012-1511?
To mitigate CVE-2012-1511, upgrade to VMware View version 4.6.1 or later.
Who is affected by CVE-2012-1511?
CVE-2012-1511 affects users running VMware View versions prior to 4.6.1.
What kind of attack does CVE-2012-1511 enable?
CVE-2012-1511 allows remote attackers to exploit a cross-site scripting (XSS) vulnerability.
What are the potential consequences of exploiting CVE-2012-1511?
Exploitation of CVE-2012-1511 can lead to unauthorized script execution in the user’s browser.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-index
- vendor/vmware
- canonical/vmware view
- version/vmware view/4.6.0