CVE-2025-22249 | VMware Aria Automation up to 8.18.1 Patch 1 URL cross site scripting

A vulnerability classified as problematic was found in VMware Aria Automation, Cloud Foundation and Telco Cloud Platform up to 8.18.1 Patch 1. This vulnerability affects unknown code of the component URL Handler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2025-22249. The attack can be initiated remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.VulDB Recent EntriesRead More