Cross-Site Scripting Vulnerability in Serv-U Web Client
CVE-2022-38106

5.4MEDIUM

Key Information:

Vendor: Solarwinds
Status: Serv-u File Server
Vendor: CVE Published:; 16 December 2022

Summary

This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function.

Affected Version(s)

Serv-U File Server 15.3.0

References

https://www.solarwinds.com/trust-center/security-advisori...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=%20CVE-202...

https://documentation.solarwinds.com/en/success_center/se...

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 16, 2022
Vulnerability Reserved
Aug 9, 2022

.