Persistent Cross-Site Scripting in SolarWinds Network Performance Monitor
CVE-2017-9537
4.8MEDIUM
What is CVE-2017-9537?
A persistent cross-site scripting vulnerability exists in the Add Node function of SolarWinds Network Performance Monitor version 12.0.15300.90. This vulnerability allows remote attackers to inject arbitrary JavaScript into various vulnerable parameters. If exploited, this could lead to the execution of malicious scripts in the context of the user's session, potentially compromising sensitive information and user credentials. Organizations using this version of the software are advised to implement proper security measures to mitigate potential risks.