CVE-2024-38833
published 2024-11-26CVE-2024-38833: VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious…
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | aria_operations | >= 8.0 < 8.18.2 | 8.18.2 |
| vmware | cloud_foundation | 4.0 – 5.2 | — |
| vmware | vmware_aria_operations | >= 8.x < 8.18.2 | 8.18.2 |