CVE-2025-22249 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a lo…
High CVSS: 8.2

CVE-2025-22249

VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL.
Vendor
Vmware
Product
Aria Automation
CWE
CWE-79
Yayın Tarihi
2025-05-13 06:15:36
Güncelleme
2025-07-11 14:27:30
Source Identifier
security@vmware.com
KEV Date Added
-

Kategoriler

CWE-79 Aria Automation HIGH Vmware 2025

Referanslar

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25711