SolarWinds Security Event Manager (SolarWinds SEM) is a security event manager from SolarWinds, Inc. A cross-site scripting vulnerability exists in SolarWinds Security Event Manager versions prior to 2022.4, which is used for forensics and troubleshooting, as well as tools to help you manage log data. The vulnerability stems from the web serverβs failure to properly handle the content length of POST requests. An attacker could use this vulnerability to launch a cross-site scripting attack.
CPE | Name | Operator | Version |
---|---|---|---|
solarwinds solarwinds security event manager | lt | 2022.4 |