VMware Aria Automation
cpe:2.3:a:vmware:aria_automation:*:*:*:*:*:*:*
- ~8.18
A DOM-based cross-site scripting vulnerability has been identified in VMware Aria Automation. This issue allows a malicious actor to steal the access token of a logged-in user by tricking them into clicking a specially crafted URL. The vulnerability is present in VMware Aria Automation versions 8.18.x, as well as in VMware Cloud Foundation versions 5.x and 4.x, and VMware Telco Cloud Platform version 5.x.
Successful exploitation lets an attacker inject malicious scripts that execute in the context of the user's browser.
To address this vulnerability, VMware Aria Automation users should apply 8.18.1 patch 2. VMware Cloud Foundation users should consult Broadcom Knowledge Base article KB394224. VMware Telco Cloud Platform users should also apply 8.18.1 patch 2.