Lucene search

CVE-2022-36965 Stored and DOM XSS in QoE Applications: Orion Platform

🗓️ 30 Sep 2022 16:24:45Reported by SolarWindsType

Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. Fixed in SolarWinds Platform (2022.3.0

Reporter	Title	Published	Views	Family All 4
Prion	Design/Logic Flaw	30 Sep 202217:15	–	prion
NVD	CVE-2022-36965	30 Sep 202217:15	–	nvd
CVE	CVE-2022-36965	30 Sep 202217:15	–	cve
Tenable Nessus	SolarWinds Orion Platform < 2022.3 Multiple Vulnerabilities	28 Sep 202200:00	–	nessus

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "Orion Platform",
    "vendor": "SolarWinds",
    "versions": [
      {
        "lessThan": "2022.3.0",
        "status": "affected",
        "version": "2020.2.6 and previous versions",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
solarwinds	www.solarwinds.com/trust-center/security-advisories/CVE-2022-36965
documentation	www.documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 Sep 2022 16:45Current

6.5Medium risk

Vulners AI Score6.5

CVSS36.1

EPSS0.00078