AI Score
Confidence
High
EPSS
Percentile
37.0%
SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames parameter.
labs.nettitude.com/blog/cve-2018-13442-solarwinds-npm-sql-injection/