CVE-2016-7463
published 2016-12-29CVE-2016-7463: Cross-site scripting (XSS) vulnerability in the Host Client in VMware vSphere Hypervisor (aka ESXi) 5.5 and 6.0 allows remote authenticated users to inject…
medium5.4CVSS 3.0
AVNACLPRLUIRSCCLILAN
Cross-site scripting (XSS) vulnerability in the Host Client in VMware vSphere Hypervisor (aka ESXi) 5.5 and 6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted VM.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | esxi | — | — |
| vmware | esxi | — | — |
| vmware | vmware_esxi | — | — |
| vmware | vmware_vsphere | — | — |