Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared dashboard link.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
VMware vRealize Log Insight 跨站脚本漏洞
Vulnerability Description
Vmware VMware vRealize Log Insight是美国威睿(Vmware)公司的一套集中式日志管理解决方案。该产品支持日志整理和日志分析等功能。 VMware vRealize Log Insight 存在跨站脚本漏洞,该漏洞源于对用户提供的数据没有进行充分的清理。远程攻击者可利用该漏洞诱骗受害者点击一个特别制作的链接,并在用户的浏览器中执行任意的HTML和脚本代码。
CVSS Information
N/A
Vulnerability Type
N/A