SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen.
References
Link | Resource |
---|---|
https://www.esecforte.com/responsible-vulnerability-disclosure-cve-2019-12863-stored-html-injection-vulnerability-in-solarwinds-orion-platform-2018-4-hf3-npm-12-4-netpath-1-1-4/ | Exploit Third Party Advisory |
https://www.solarwinds.com/network-performance-monitor | Product Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-02-25T16:52:09
Updated: 2020-02-25T16:52:09
Reserved: 2019-06-16T00:00:00
Link: CVE-2019-12863
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-02-25T17:15:11.150
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-12863
JSON object: View
Redhat Information
No data.
CWE