CVE-2024-38832
published 2024-11-26CVE-2024-38832: VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious…
medium6.4CVSS 3.1
AVNACLPRLUINSCCLILAN
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | aria_operations | >= 8.0 < 8.18.2 | 8.18.2 |
| vmware | cloud_foundation | 4.0 – 5.2 | — |
| vmware | vmware_aria_operations | >= 8.x < 8.18.2 | 8.18.2 |