Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. This vulnerability may lead to the Information Disclosure and Escalation of Privileges (takeover of administrator account).
References
Link | Resource |
---|---|
https://documentation.solarwinds.com/en/Success_Center/orionplatform/Content/Release_Notes/Orion_Platform_2020-2-1_release_notes.htm#NewFeaturesOrion | Release Notes Vendor Advisory |
https://support.solarwinds.com/SuccessCenter/s/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-09-17T17:40:15
Updated: 2020-09-17T17:40:15
Reserved: 2020-05-19T00:00:00
Link: CVE-2020-13169
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-09-17T18:15:12.240
Modified: 2022-01-21T14:23:36.680
Link: CVE-2020-13169
JSON object: View
Redhat Information
No data.
CWE