CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 08, 2026

Multiple VMware Stored XSS Vulnerabilities Allow Attackers to Inject Malicious Scripts

Cybersecurity News Archived Jun 08, 2026 ✓ Full text saved

Broadcom has disclosed three stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation Operations and several related products, warning that authenticated attackers could inject malicious scripts to perform administrative actions within the environment. Tracked as CVE-2026-41722, CVE-2026-41723, and CVE-2026-41724, the flaws were addressed in security advisory VMSA-2026-0004, published on June 8, 2026. Each vulnerability carries […] The post Multiple VMware Stored XSS V

Full text archived locally
✦ AI Summary · Claude Sonnet


    HomeCyber Security News Multiple VMware Stored XSS Vulnerabilities Allow Attackers to Inject Malicious Scripts By Guru Baran June 8, 2026 Broadcom has disclosed three stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation Operations and several related products, warning that authenticated attackers could inject malicious scripts to perform administrative actions within the environment. Tracked as CVE-2026-41722, CVE-2026-41723, and CVE-2026-41724, the flaws were addressed in security advisory VMSA-2026-0004, published on June 8, 2026. Each vulnerability carries a CVSSv3 base score of 8.0, placing the issues in the “Important” severity range. No workarounds are available, making patching the only viable remediation path. VMware Stored XSS Vulnerabilities According to the advisory, VMware Cloud Foundation Operations contains multiple stored cross-site scripting weaknesses introduced through improperly sanitized user-controlled input. Stored XSS is particularly dangerous compared to reflected variants because the malicious payload is persisted server-side and executed whenever a victim loads the affected component, enabling repeatable attacks against multiple users. The advisory outlines a clear attack path. A malicious actor holding privileges to create policies, views, or text-widgets could embed crafted scripts into these objects. When rendered in the management interface, those scripts execute in the context of other users, potentially higher-privileged administrators, allowing the attacker to carry out administrative actions on their behalf. While exploitation requires existing authenticated access with object-creation rights, the privilege escalation potential within an operations platform that oversees virtualized infrastructure makes the risk significant. The vulnerabilities were privately reported to Broadcom by Alexis Bernazzani of Visa Inc. The advisory spans a broad set of Broadcom virtualization products, including VMware Aria Operations, VMware Cloud Foundation Operations, VMware Cloud Foundation, VMware vSphere Foundation, and VMware Telco Cloud Platform. Broadcom has released patches and updates that organizations should apply according to the Response Matrix. Product Component Affected Version CVEs Addressed Fixed Version VMware Cloud Foundation / vSphere Foundation VMware Cloud Foundation Operations 9.1.x.x CVE-2026-41722, CVE-2026-41723 9.1.0.0 VMware Cloud Foundation / vSphere Foundation VMware Cloud Foundation Operations 9.0.x.x CVE-2026-41722, CVE-2026-41723 9.0.2.0 EP2 VMware Aria Operations N/A 8.x CVE-2026-41722, CVE-2026-41723 8.18.6 VMware Aria Operations N/A 8.x CVE-2026-41722, CVE-2026-41723, CVE-2026-41724 8.18.7 VMware Cloud Foundation VMware Aria Operations 5.x CVE-2026-41722, CVE-2026-41723, CVE-2026-41724 8.18.7 VMware Telco Cloud Platform VMware Aria Operations 5.x CVE-2026-41722, CVE-2026-41723, CVE-2026-41724 KB443138 Administrators should prioritize applying the listed fixed versions promptly, given the absence of any workaround. Organizations are also advised to review role assignments and tighten permissions for creating policies, views, and text-widgets, limiting the pool of accounts capable of triggering these vulnerabilities while patches are rolled out. Follow us on Google News, LinkedIn, and X to Get More Instant Updates. Tags cyber security cyber security news vulnerability Copy URL Linkedin Twitter ReddIt Telegram Guru Baranhttps://cybersecuritynews.com Gurubaran KS is a cybersecurity analyst, and Journalist with a strong focus on emerging threats and digital defense strategies. He is the Co-Founder and Editor-in-Chief of Cyber Security News, where he leads editorial coverage on global cybersecurity developments. Trending News WordPress Malware Abuses Steam Community Profiles for C2 Operations Teams and Google Drive Leveraged to Compromise Systems Within 20 Minutes New Google Gemini Vulnerability Exploited via Prompt Injections from WhatsApp, Slack, and SMS Critical Plesk Vulnerability Let Users Execute Arbitrary Commands on the Server Iran-Linked Hackers Destroy IT, Backups, and Recovery Systems in Cyberattack targeting Middle East Latest News Cyber Security News Critical Redis RCE Vulnerability Enable Attackers to Gain Complete Control to Host Server Cyber Security News Cybercriminals Exploit 2026 FIFA World Cup With Phishing, Fake Stores, and Ticket Scams Cyber Security News Microsoft Warns Claude Code GitHub Action Could Leak CI/CD Workflow Secrets Cyber Security Hackers Can Hijack Claude Code MCP Traffic to Steal OAuth Tokens Cyber Security New EDRChoker Tool Uses Policy-Based Quality of Service to Block EDR Processes
    💬 Team Notes
    Article Info
    Source
    Cybersecurity News
    Category
    ◇ Industry News & Leadership
    Published
    Jun 08, 2026
    Archived
    Jun 08, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗