CVE-2025-41228 — VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or — CVE Database · The Intelligence Room