CVE-2021-22016
published 2021-09-23CVE-2021-22016: The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | cloud_foundation | >= 3.0 < 5.0 | 5.0 |
| vmware | vcenter_server | — | — |