CVE-2026-41724 | THREATINT

Description

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations.

PUBLISHED Reserved 2026-04-22 | Published 2026-06-08 | Updated 2026-06-09 | Assigner vmware

HIGH: 8.0CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Product status

Default status

affected

5.x (custom)

affected

Default status

affected

8.18.x (custom)

affected

Default status

affected

5.x (custom)

affected

References

support.broadcom.com/...l/content/SecurityAdvisories/0/37513

cve.org (CVE-2026-41724)

nvd.nist.gov (CVE-2026-41724)

Download JSON

help @ threatint.eu