HTML Injection Vulnerability in SolarWinds Web Help Desk
CVE-2019-16954
5.4MEDIUM
What is CVE-2019-16954?
The SolarWinds Web Help Desk version 12.7.0 is susceptible to an HTML injection vulnerability that arises from improper validation of user-supplied input in the Comment field of Help Request tickets. This flaw allows attackers to inject malicious HTML code, potentially compromising the integrity of the application and enabling unauthorized access or manipulation of user sessions.