VMware Security Advisory – VMware vCenter and ESX update releases address cross-site scripting issues in the Help functionality of WebAccess. A vCenter Lab Manager release addresses the same issues which are present in the online Help functionality of Lab Manager and Stage Manager.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/83887/VMSA-2009-0017.txt
Source: https://packetstormsecurity.com/files/83887/VMware-Security-Advisory-2009-0017.html