Volerion logoVolerion
Volerion logoVolerion

VMware Aria Operations for Logs Stored Cross-Site Scripting Vulnerability

Vulnerability

A stored cross-site scripting vulnerability has been identified in VMware Aria Operations for Logs. This vulnerability allows a malicious actor with non-administrative privileges to inject a script that could be executed later, potentially leading to unauthorized actions being performed as an admin user.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user.

Remediation

Users can upgrade to VMware Aria Operations for Logs version 8.18.3 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
5.0
impact
1.7
exploitability
5.0
remediation
7.7
relevance
0.0
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.