Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0).
References
Configurations
History
03 Aug 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0). | |
References |
|
|
04 Oct 2022, 13:37
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://www.solarwinds.com/trust-center/security-advisories/CVE-2022-36965 - Vendor Advisory | |
References | (CONFIRM) https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm#:~:text=Release%20date%3A%20May%2024%2C%202022%20These%20release%20notes,issues.%20New%20features%20and%20improvements%20in%20SolarWinds%20Platform - Vendor Advisory | |
CWE | CWE-79 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
First Time |
Solarwinds solarwinds Platform
Solarwinds |
|
CPE | cpe:2.3:a:solarwinds:solarwinds_platform:*:*:*:*:*:*:*:* |
30 Sep 2022, 17:37
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-30 17:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-36965
Mitre link : CVE-2022-36965
CVE.ORG link : CVE-2022-36965
JSON object : View
Products Affected
solarwinds
- solarwinds_platform
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')