Input validation

2023-04-2120:15:00

PRIOn knowledge base

www.prio-n.com

solarwinds

input vulnerability

remote adversary

html injection

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.5%

JSON

The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject HTML.

CPENameOperatorVersion
orion_platformlt2023.2

CPE	Name	Operator	Version
	orion_platform	lt	2023.2

References

documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-2_release_notes.htm

www.solarwinds.com/trust-center/security-advisories/CVE-2022-47509