Lucene search
PRIOn knowledge basePRION:CVE-2021-35240HistoryAug 31, 2021 - 4:15 p.m.
Cross site scripting
2021-08-3116:15:00
PRIOn knowledge base
www.prio-n.com
1
A security researcher stored XSS via a Help Server setting. This affects customers using Internet Explorer, because they do not support ‘rel=noopener’.
| CPE | Name | Operator | Version |
|---|---|---|---|
| orion_platform | le | 2020.2.5 |
References
documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm
support.solarwinds.com/SuccessCenter/s/article/Mitigate-the-Stored-XSS-via-Help-Server-setting-CVE-2021-35240?language=en_US
support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2020-2-6-Hotfix-1?language=en_US
www.solarwinds.com/trust-center/security-advisories/cve-2021-35240
Related
cnvd
cnvd
cvelist
cvelist
CVE-2021-35240 Stored XSS via Help Server settings
2021-08-31 15:57:21
nvd
nvd
CVE-2021-35240
2021-08-31 16:15:07
cve
cve
CVE-2021-35240
2021-08-31 16:15:07
nessus
nessus
SolarWinds Orion Platform < 2020.2.6 HF1 Multiple Vulnerabilities
2021-10-22 00:00:00