Unrated severityNVD Advisory· Published Dec 31, 2005· Updated Jun 16, 2026
CVE-2005-3619
CVE-2005-3619
Description
Cross-site scripting (XSS) vulnerability in the management interface for VMware ESX 2.5.x before 2.5.2 upgrade patch 2, 2.1.x before 2.1.2 upgrade patch 6, and 2.0.x before 2.0.1 upgrade patch 6 allows remote attackers to inject arbitrary web script or HTML via messages that are not sanitized when viewing syslog log files.
Affected products
7cpe:2.3:o:vmware:esx:2.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:o:vmware:esx:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.5:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:2.5.2:*:*:*:*:*:*:*
- (no CPE)range: 2.5.x < 2.5.2 upgrade patch 2; 2.1.x < 2.1.2 upgrade patch 6; 2.0.x < 2.0.1 upgrade patch 6
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.