Lucene search
China National Vulnerability DatabaseCNVD-2022-86388HistoryNov 25, 2022 - 12:00 a.m.
SolarWinds Security Event Manager Cross-Site Scripting Vulnerability
2022-11-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
17
solarwinds security event manager
cross-site scripting
vulnerability
web server
post requests
attack
0.001 Low
EPSS
Percentile
33.5%
SolarWinds Security Event Manager (SolarWinds SEM) is a security event manager from SolarWinds, Inc. A cross-site scripting vulnerability exists in SolarWinds Security Event Manager versions prior to 2022.4, which is used for forensics and troubleshooting, as well as tools to help you manage log data. The vulnerability stems from the web serverβs failure to properly handle the content length of POST requests. An attacker could use this vulnerability to launch a cross-site scripting attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| solarwinds solarwinds security event manager | lt | 2022.4 |
Related
cve
cve
CVE-2022-38114
2022-11-23 17:15:10
prion
prion
Cross site scripting
2022-11-23 17:15:00
nvd
nvd
CVE-2022-38114
2022-11-23 17:15:10
cvelist
cvelist
CVE-2022-38114 Client-Side Desync Vulnerability
2022-11-23 00:00:00