CVE-2024-12223: Prism Central <2024.3.1 XSS via Events component (Stored XSS)
CVE-2024-12223 Published on August 20, 2025

Stored Cross-site Scripting (XSS) in Nutanix Prism Central
Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack via the Events component, allowing an attacker to hijack a victim users session and perform actions in their security context.

NVD

Weakness Type

What is a XSS Vulnerability?

The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

CVE-2024-12223 has been classified to as a XSS vulnerability or weakness.

Affected Versions

Nutanix Prism Central:

Before 2024.3.1 is affected.

Exploit Probability

EPSS

0.09%

Percentile

25.29%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2024-12223: Prism Central <2024.3.1 XSS via Events component (Stored XSS)CVE-2024-12223 Published on August 20, 2025

Weakness Type

What is a XSS Vulnerability?

Affected Versions

Exploit Probability

CVE-2024-12223: Prism Central <2024.3.1 XSS via Events component (Stored XSS)
CVE-2024-12223 Published on August 20, 2025