Unrated severityNVD Advisory· Published Aug 21, 2020· Updated Aug 4, 2024

CVE-2020-3975

Description

VMware App Volumes 2.x prior to 2.18.6 and VMware App Volumes 4 prior to 2006 contain a Stored Cross-Site Scripting (XSS) vulnerability. A malicious actor with access to create and edit applications or create storage groups, may be able to inject malicious script which will be executed by a victim's browser when viewing.

Affected products

VMware/App Volumesdescription
VMware/App Volumesllm-create
Range: 2.x < 2.18.6; 4 < 2006

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.vmware.com/security/advisories/VMSA-2020-0019.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000