CVE-2022-23239

Name of the Vulnerable Software and Affected Versions Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1

Description The issue is related to a Stored Cross-Site Scripting (XSS) attack, which can be performed by administrative users. This is due to inadequate protection of the web page structure, allowing a remote attacker to conduct inter-site script attacks.

Recommendations For versions prior to 9.11P1, update to version 9.11P1 or later to resolve the issue. As a temporary workaround, consider restricting access to administrative functions to minimize the risk of exploitation.