Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2025-41228

CWE-79 — Cross-site Scripting (XSS)4 documents4 sources

Severity

4.3MEDIUM

EPSS

6.0%

top 9.30%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Vmware Esxi Vmware Vcenter Server Vmware Cloud Foundation +2 more

Timeline

PublishedMay 20

Latest updateAug 11

Description

VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages5 packages

▶CVEListV5vmware/vcenter_server8.0 — 8.0 U3e

▶CVEListV5vmware/esxi8.0 — ESXi80U3se-24659227+1

▶CVEListV5vmware/cloud_foundation5.x, 4.5.x

▶CVEListV5vmware/telco_cloud_platform5.x, 4.x, 3.x, 2.x

▶CVEListV5vmware/telco_cloud_infrastructure3.x,2.x

🔴Vulnerability Details

CVEList

VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability↗2025-05-20

▶

GHSA

GHSA-vqfj-4mcp-7qx6: VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation↗2025-05-20

▶

💥Exploits & PoCs

Exploit-DB

VMware vSphere Client 8.0.3.0 - Reflected Cross-Site Scripting (XSS)↗2025-08-11

▶