Cross site scripting

2020-10-2314:15:00

PRIOn knowledge base

www.prio-n.com

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

VMware Horizon Server (7.x prior to 7.10.3 or 7.13.0) contains a Cross Site Scripting (XSS) vulnerability. Successful exploitation of this issue may allow an attacker to inject malicious script which will be executed.

CPENameOperatorVersion
horizonge7.11.0
horizonlt7.13.0
horizonge7.0
horizonlt7.10.3

Name	Operator	Version
horizon	ge	7.11.0
horizon	lt	7.13.0
horizon	ge	7.0
horizon	lt	7.10.3

References

www.vmware.com/security/advisories/VMSA-2020-0024.html