Unrated severityNVD Advisory· Published Jan 30, 2025· Updated Mar 13, 2025
VMware Aria Operations for Logs stored cross-site scripting vulnerability (CVE-2025-22221)
CVE-2025-22221
Description
VMware Aria Operation for Logs contains a stored cross-site scripting vulnerability. A malicious actor with admin privileges to VMware Aria Operations for Logs may be able to inject a malicious script that could be executed in a victim's browser when performing a delete action in the Agent Configuration.
Affected products
2- VMware/VMware Aria Operations for Logsv5Range: 8.x
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.