Six quick fixes flicked to give vAdmins Friday snits
By Simon Sharwood, 5 Dec 2014 It's Friday! By later this afternoon you'll be working at half-pace and contemplating weekend fun.Unless you run VMware's vCenter control freak, because Virtzilla has just revealed a nasty cross-site scripting flaw in the product.
“VMware vCenter Server Appliance (vCSA) contains a vulnerability that may allow for Cross Site Scripting. Exploitation of this vulnerability in vCenter Server requires tricking a user to click on a malicious link or to open a malicious web page while they are logged in into vCenter,” says VMware's advisory, issued late on Thursday US time.
Full Article