DOM-based Cross-Site Scripting (XSS) Vulnerability in VMware vRealize Automation (vRA)

DOM-based Cross-Site Scripting (XSS) Vulnerability in VMware vRealize Automation (vRA)

CVE-2018-6958 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

VMware vRealize Automation (vRA) prior to 7.3.1 contains a vulnerability that may allow for a DOM-based cross-site scripting (XSS) attack. Exploitation of this issue may lead to the compromise of the vRA user's workstation.

Learn more about our User Device Pen Test.