Published on June 8, 2026

Multiple VMware Stored XSS Vulnerabilities Allow Attackers to Inject Malicious Scripts


Severity

High

Detail

Broadcom has disclosed three stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation Operations and several related products. Tracked as CVE-2026-41722, CVE-2026-41723, and CVE-2026-41724, the flaws were addressed in security advisory VMSA-2026-0004. No workarounds are currently available, making patching the only viable remediation path.

All three are stored cross-site scripting flaws in VMware Cloud Foundation Operations: script embedded in user-created content is persisted server-side and then executed in the browser of every user who later loads the affected component. Unlike reflected XSS, the attacker does not need to lure each victim to a crafted link; a single planted payload is replayed against everyone who views the object.

An authenticated attacker holding privileges to create policies, views, or text-widgets can exploit these flaws by embedding crafted scripts in those objects. When the objects are rendered in the management interface, the script runs in the session of whoever views them, including higher-privileged administrators, so the attacker can issue requests with the viewer's privileges and perform administrative actions on their behalf. Exploitation therefore requires an existing account with object-creation rights, but because the platform oversees virtualized infrastructure, turning a low-privileged content-author account into administrative control poses a significant operational risk. The vulnerabilities were privately reported to Broadcom by Alexis Bernazzani of Visa Inc.

CVE ID          Summary                                                                                   CVSS Score
CVE-2026-41722  Stored cross-site scripting vulnerability allowing an authenticated user with privileges  8.0 (High)
CVE-2026-41723  to create policies, views, or text-widgets to inject malicious scripts and perform
CVE-2026-41724  administrative actions. (The three CVEs share this summary and score.)

Affected Products

The following Broadcom and VMware products are affected by these vulnerabilities and should be reviewed for applicable security updates:

  • VMware Cloud Foundation Operations
  • VMware Aria Operations
  • VMware Cloud Foundation
  • VMware vSphere Foundation
  • VMware Telco Cloud Platform

Recommendation

Organizations should promptly apply vendor-provided updates and implement the following measures to reduce the risk of exploitation:

  • Apply the fixed versions listed in VMSA-2026-0004, obtained from the Broadcom/VMware support portal, as soon as possible; with no valid workaround, patching is the only remediation.
  • Review role assignments and tighten explicit permissions for creating policies, views, and text-widgets to limit the pool of accounts capable of triggering these vulnerabilities.
  • Monitor management interfaces and system audit logs for unusual administrative activities or unauthorized modifications to views and widgets while patches are being rolled out.
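To make the mechanism described above concrete, and to give operators a starting point for the interim monitoring this recommendation calls for, the following is an added, generic illustration in JavaScript. It is not VMware's code and does not reflect how Cloud Foundation Operations stores or renders widgets; the widget records, field names, owner values and payload strings are all constructed for the example. It shows a renderer that concatenates persisted widget text into HTML (the stored-XSS pattern), the same renderer with output encoding, and a heuristic sweep over stored widget bodies for script-bearing markup that a team could adapt to an export of its own policies, views and text-widgets while patches roll out.

```javascript
// Added example, not VMware code. Widget records below are constructed sample data.
// w2 and w3 carry stored-XSS payloads; w4 is benign text that merely contains < and >.
const storedWidgets = [
  { id: "w1", owner: "ops-analyst", body: "Cluster health: OK (3/3 hosts)" },
  { id: "w2", owner: "contractor",
    body: '<img src=x onerror="fetch(\'/api/users\',{method:\'POST\',body:\'role=admin\'})">' },
  { id: "w3", owner: "contractor",
    body: 'See <a href="javascript:alert(document.cookie)">runbook</a>' },
  { id: "w4", owner: "ops-analyst", body: "Use a < b && c > d to compare" },
];

// Encode the five characters that let text break out of an HTML text node or
// a quoted attribute value. In a browser, prefer textContent over innerHTML;
// this helper is for server-side or template rendering.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  })[c]);
}

// Vulnerable renderer: the persisted body is concatenated into markup verbatim,
// so any script-bearing tag an author saved executes for every viewer.
function renderUnsafe(widget) {
  return `<div class="widget" data-id="${widget.id}">${widget.body}</div>`;
}

// Hardened renderer: identical layout, but every user-controlled value is encoded,
// so the payload is displayed as literal text instead of being parsed as markup.
function renderEscaped(widget) {
  return `<div class="widget" data-id="${escapeHtml(widget.id)}">${escapeHtml(widget.body)}</div>`;
}

// Heuristic indicators of script-bearing content in stored objects. These catch
// common payload shapes, not every encoding trick; treat hits as leads to review.
const SCRIPT_INDICATORS = [
  { name: "script-tag",     re: /<\s*script\b/i },
  { name: "event-handler",  re: /<[^>]*\bon[a-z]+\s*=/i },
  { name: "javascript-uri", re: /(href|src|action)\s*=\s*["']?\s*javascript:/i },
  { name: "embed-tag",      re: /<\s*(iframe|object|embed|svg)\b/i },
];

// Sweep stored widgets and report which ones match which indicators, with the
// owning account so the hits can be cross-checked against role assignments.
function findSuspiciousWidgets(widgets) {
  const hits = [];
  for (const w of widgets) {
    const indicators = SCRIPT_INDICATORS
      .filter((ind) => ind.re.test(w.body))
      .map((ind) => ind.name);
    if (indicators.length > 0) {
      hits.push({ id: w.id, owner: w.owner, indicators });
    }
  }
  return hits;
}

// Demonstration over the constructed records.
for (const w of storedWidgets) {
  console.log("unsafe :", renderUnsafe(w));
  console.log("escaped:", renderEscaped(w));
}
console.log("suspicious:", JSON.stringify(findSuspiciousWidgets(storedWidgets)));
```

Running this prints w2's onerror handler and w3's javascript: link intact in the unsafe output and neutralised as &lt;img ... and &lt;a ... in the escaped output, while the sweep flags only w2 (event-handler) and w3 (javascript-uri) and leaves the benign comparison text in w4 alone. Output encoding is the fix category for this bug class; the sweep is an interim detection aid, and a hit from an account that should not hold object-creation rights is the signal worth escalating.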


Source

https://cybersecuritynews.com/vmware-stored-xss-vulnerabilities/

https://nvd.nist.gov/vuln/detail/CVE-2026-41724

https://nvd.nist.gov/vuln/detail/CVE-2026-41723

https://nvd.nist.gov/vuln/detail/CVE-2026-41722