CVE Alert: CVE-2025-41228

May 21, 2025
image 1

Vulnerability Summary: CVE-2025-41228

VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.

Affected Endpoints:

No affected endpoints listed.

Published Date:

5/20/2025, 3:16:07 PM

⚠️ CVSS Score:

CVSS v3 Score: 4.3 (Medium)

Exploit Status:

Not Exploited

References:

Recommended Action:

No proposed action available. Please refer to vendor documentation for updates.

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

To keep up to date follow us on the below channels.

Tags: , ,

You may have missed

3e39dcbb65f523d2ab21a72d7dbd719a3880b229ba8b6cabf220b8dc6b173c26

Microsoft’s Plain Text Editor Gets Fancy As Notepad Gains Formatting Options

June 3, 2025
3713ac4f6c3a650c67eb9b962b1b90e571dbdfe1b7268cb0454bd0bab3a102e1

Openmamba: Eat Your Greens, They’re Good For You

June 3, 2025
image

CVE Alert: CVE-2025-45387

June 3, 2025
image

CVE Alert: CVE-2025-20298

June 3, 2025
image

CVE Alert: CVE-2025-20297

June 3, 2025