CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vmware: >> Telco Cloud Platform >> 5.0.1 Security Vulnerabilities

CVE-2025-22249

VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL.

CVSS Score

8.2

EPSS Score

0.001

Published

2025-05-13

Page 1

Vulnerabilities

Vulnerable Software

Vmware: >> Telco Cloud Platform >> 5.0.1 Security Vulnerabilities

Products

Pricing

Contact Us