Stored and DOM XSS in QoE Applications: Orion Platform
CVE-2022-36965
6.1MEDIUM
Summary
Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0).
Affected Version(s)
Orion Platform Windows 2020.2.6 and previous versions < 2022.3.0
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Shashank Chaurasia