CVE-2024-38832
CVSS 3.1 Score 7.1 of 10 (high)
Details
Published Nov 26, 2024
Updated: Dec 6, 2024
CWE ID 79
Summary
CVE-2024-38832 is a stored cross-site scripting vulnerability affecting VMware Aria Operations. Malicious actors with editing access to views can exploit this flaw to inject malicious scripts, leading to stored cross-site scripting within the product. This issue poses a significant security risk, as successful attacks could result in unauthorized access to user data or system manipulation. VMware Aria Operations users are advised to update their systems as soon as a patch becomes available to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share