Stored Cross-Site Scripting Vulnerability in SolarWinds Database Performance Analyzer
CVE-2026-28322
5.6MEDIUM
Key Information:
- Vendor
Solarwinds
- Vendor
- CVE Published:
- 30 June 2026
What is CVE-2026-28322?
The SolarWinds Database Performance Analyzer has been identified as containing a stored cross-site scripting vulnerability. This flaw allows attackers to inject malicious scripts that can be executed in the browser of users accessing the affected application. If successfully exploited, this vulnerability could result in unauthorized actions being performed within the application, potentially compromising user data and application integrity. It is crucial for users to apply the latest security updates and follow best practices for secure configuration to mitigate this risk.
Affected Version(s)
Database Performance Analyzer 2026.1 and below