VMSA-2025-0008: VMware Aria automation updates address a DOM based Cross-site scripting vulnerability (CVE-2025-22249)

Advisory ID: VMSA-2025-0008
Advisory Severity: Important
CVSSv3 Range: 8.2
Synopsis: VMware Aria automation updates address a DOM based Cross-site scripting vulnerability (CVE-2025-22249)
Issue date: 2025-05-12
CVE(s) CVE-2025-22249

Impacted Products
VMware Aria Automation
VMware Cloud Foundation
VMware Telco Cloud Platform

Introduction
A DOM based Cross-Site Scripting (XSS) vulnerability in VMware Aria Automation was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products.

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25711

SysAdmin 24x7

VMSA-2025-0008: VMware Aria automation updates address a DOM based Cross-site scripting vulnerability (CVE-2025-22249)

Advisory ID: VMSA-2025-0008
Advisory Severity: Important
CVSSv3 Range: 8.2
Synopsis: VMware Aria automation updates address a DOM based Cross-site scripting vulnerability (CVE-2025-22249)
Issue date: 2025-05-12
CVE(s) CVE-2025-22249

Impacted Products
VMware Aria Automation
VMware Cloud Foundation
VMware Telco Cloud Platform

Introduction
A DOM based Cross-Site Scripting (XSS) vulnerability in VMware Aria Automation was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products.

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25711

hottg.com/sysadmin24x7/6003

879 viewsMay 12 at 13:13