VMware Security Advisory – A cross-site scripting vulnerability in WebAccess allows for disclosure of sensitive information. The flaw is due to insufficient verification of certain parameters which may lead to redirection of a user’s requests. This vulnerability can only be exploited if the attacker tricks the WebAccess user into clicking a malicious link and the attacker has control of a server on the same network as the system where WebAccess is being used.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/87814/VMSA-2010-0005.txt
Source: https://packetstormsecurity.com/files/87814/VMware-Security-Advisory-2010-0005.html